diff --git a/MobileShepherd/CProviderLeakage/app/src/main/res/layout/activity_main.xml b/MobileShepherd/CProviderLeakage/app/src/main/res/layout/activity_main.xml
index 635201149..e29d5505e 100644
--- a/MobileShepherd/CProviderLeakage/app/src/main/res/layout/activity_main.xml
+++ b/MobileShepherd/CProviderLeakage/app/src/main/res/layout/activity_main.xml
@@ -11,6 +11,7 @@
         android:layout_height="wrap_content"
         android:id="@+id/keyEditText"
         android:textColorHint="#FFFFFF"
+        android:textColor='#FFFFFF'
         android:background="@xml/edittext"
         android:layout_alignParentTop="true"
         android:layout_alignParentLeft="true"
diff --git a/MobileShepherd/CProviderLeakage1/.gitignore b/MobileShepherd/CProviderLeakage1/.gitignore
new file mode 100644
index 000000000..ec870c9fd
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/.gitignore
@@ -0,0 +1,7 @@
+.gradle
+/local.properties
+/.idea/workspace.xml
+/.idea/libraries
+.DS_Store
+/build
+/captures
diff --git a/MobileShepherd/CProviderLeakage1/app/.gitignore b/MobileShepherd/CProviderLeakage1/app/.gitignore
new file mode 100644
index 000000000..3543521e9
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/.gitignore
@@ -0,0 +1 @@
+/build
diff --git a/MobileShepherd/CProviderLeakage1/app/build.gradle b/MobileShepherd/CProviderLeakage1/app/build.gradle
new file mode 100644
index 000000000..3e1e7ae75
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/build.gradle
@@ -0,0 +1,25 @@
+apply plugin: 'com.android.application'
+
+android {
+    compileSdkVersion 22
+    buildToolsVersion "22.0.1"
+
+    defaultConfig {
+        applicationId "com.somewhere.hidden"
+        minSdkVersion 15
+        targetSdkVersion 22
+        versionCode 1
+        versionName "1.0"
+    }
+    buildTypes {
+        release {
+            minifyEnabled false
+            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
+        }
+    }
+}
+
+dependencies {
+    compile fileTree(dir: 'libs', include: ['*.jar'])
+    compile 'com.android.support:appcompat-v7:22.2.0'
+}
diff --git a/MobileShepherd/CProviderLeakage1/app/proguard-rules.pro b/MobileShepherd/CProviderLeakage1/app/proguard-rules.pro
new file mode 100644
index 000000000..c1ae58556
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/proguard-rules.pro
@@ -0,0 +1,17 @@
+# Add project specific ProGuard rules here.
+# By default, the flags in this file are appended to flags specified
+# in C:\Users\sean\AppData\Local\Android\sdk/tools/proguard/proguard-android.txt
+# You can edit the include path and order by changing the proguardFiles
+# directive in build.gradle.
+#
+# For more details, see
+#   http://developer.android.com/guide/developing/tools/proguard.html
+
+# Add any project specific keep options here:
+
+# If your project uses WebView with JS, uncomment the following
+# and specify the fully qualified class name to the JavaScript interface
+# class:
+#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
+#   public *;
+#}
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/AndroidManifest.xml b/MobileShepherd/CProviderLeakage1/app/src/main/AndroidManifest.xml
new file mode 100644
index 000000000..6f549d7f8
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/AndroidManifest.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    package="com.app.module" >
+
+    <application
+        android:allowBackup="true"
+        android:icon="@mipmap/ic_launcher"
+        android:label="@string/app_name"
+        android:theme="@style/AppTheme" >
+        <activity
+            android:name="com.app.module.MainActivity"
+            android:label="@string/app_name" >
+            <intent-filter>
+                <action android:name="android.intent.action.MAIN" />
+
+                <category android:name="android.intent.category.LAUNCHER" />
+            </intent-filter>
+        </activity>
+
+
+        <provider
+            android:name=".mProvider"
+            android:authorities="com.app.module.mProvider"
+            android:exported="true"
+            android:multiprocess="true" >
+        </provider>
+    </application>
+
+</manifest>
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/java/com/app/module/MainActivity.java b/MobileShepherd/CProviderLeakage1/app/src/main/java/com/app/module/MainActivity.java
new file mode 100644
index 000000000..066b02b24
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/java/com/app/module/MainActivity.java
@@ -0,0 +1,38 @@
+package com.app.module;
+
+import android.content.ContentValues;
+import android.net.Uri;
+import android.os.Bundle;
+import android.support.v7.app.AppCompatActivity;
+import android.view.View;
+import android.widget.EditText;
+import android.widget.Toast;
+
+
+public class MainActivity extends AppCompatActivity {
+
+    EditText keyEditText;
+
+    @Override
+    protected void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
+        setContentView(R.layout.activity_main);
+
+        keyEditText = (EditText) findViewById(R.id.keyEditText);
+    }
+
+    public void addKey(View view) {
+
+        String key = keyEditText.getText().toString();
+
+        ContentValues values = new ContentValues();
+        values.put(mProvider.key, key);
+
+        // Provides access to other applications Content Providers
+        Uri uri = getContentResolver().insert(mProvider.CONTENT_URL, values);
+
+        Toast.makeText(getBaseContext(), "New Secret Added", Toast.LENGTH_LONG)
+                .show();
+    }
+
+}
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/java/com/app/module/mProvider.java b/MobileShepherd/CProviderLeakage1/app/src/main/java/com/app/module/mProvider.java
new file mode 100644
index 000000000..3eb58fb44
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/java/com/app/module/mProvider.java
@@ -0,0 +1,191 @@
+package com.app.module;
+
+import android.content.ContentProvider;
+import android.content.ContentUris;
+import android.content.ContentValues;
+import android.content.Context;
+import android.content.UriMatcher;
+import android.database.Cursor;
+import android.database.sqlite.SQLiteDatabase;
+import android.database.sqlite.SQLiteOpenHelper;
+import android.database.sqlite.SQLiteQueryBuilder;
+import android.net.Uri;
+import android.widget.Toast;
+
+import java.util.HashMap;
+
+
+public class mProvider extends ContentProvider {
+
+
+    static final String PROVIDER_NAME = "com.app.module.mProvider";
+
+    static final String URL = "content://" + PROVIDER_NAME + "/data";
+    static final Uri CONTENT_URL = Uri.parse(URL);
+
+    static final String id = "id";
+    static final String key = "key";
+    static final int uriCode = 1;
+
+    private static HashMap<String, String> values;
+
+    // Used to match uris with Content Providers
+    static final UriMatcher uriMatcher;
+
+    private SQLiteDatabase sqlDB;
+    static final String DATABASE_NAME = "hiddenData";
+    static final String TABLE_NAME = "keys";
+    static final int DATABASE_VERSION = 1;
+    static final String CREATE_DB_TABLE = " CREATE TABLE " + TABLE_NAME
+            + " (id INTEGER PRIMARY KEY AUTOINCREMENT, "
+            + " key TEXT NOT NULL);";
+
+
+    static {
+        uriMatcher = new UriMatcher(UriMatcher.NO_MATCH);
+        uriMatcher.addURI(PROVIDER_NAME, "data", uriCode);
+    }
+
+    @Override
+    public boolean onCreate() {
+        DatabaseHelper dbHelper = new DatabaseHelper(getContext());
+        sqlDB = dbHelper.getWritableDatabase();
+        if (sqlDB != null) {
+            return true;
+        }
+        return false;
+    }
+
+    @Override
+    public Cursor query(Uri uri, String[] projection, String selection, String[] selectionArgs, String sortOrder) {
+        // Used to create a SQL query
+        SQLiteQueryBuilder queryBuilder = new SQLiteQueryBuilder();
+
+        // Set table to query
+        queryBuilder.setTables(TABLE_NAME);
+
+        // Used to match uris with Content Providers
+        switch (uriMatcher.match(uri)) {
+            case uriCode:
+
+                // A projection map maps from passed column names to database column names
+                queryBuilder.setProjectionMap(values);
+                break;
+            default:
+                throw new IllegalArgumentException("Unknown URI " + uri);
+        }
+
+        // Cursor provides read and write access to the database
+        Cursor cursor = queryBuilder.query(sqlDB, projection, selection, selectionArgs, null,
+                null, sortOrder);
+
+        // Register to watch for URI changes
+        cursor.setNotificationUri(getContext().getContentResolver(), uri);
+        return cursor;
+    }
+
+    // Handles requests for the MIME type (Type of Data) of the data at the URI
+    @Override
+    public String getType(Uri uri) {
+
+        // Used to match uris with Content Providers
+        switch (uriMatcher.match(uri)) {
+
+            case uriCode:
+                return "vnd.android.cursor.dir/data";
+
+            default:
+                throw new IllegalArgumentException("Unsupported URI: " + uri);
+        }
+    }
+
+    // Used to insert a new row into the provider
+    // Receives the URI (Uniform Resource Identifier) for the Content Provider and a set of values
+    @Override
+    public Uri insert(Uri uri, ContentValues values) {
+
+        // Gets the row id after inserting a map with the keys representing the the column
+        // names and their values. The second attribute is used when you try to insert
+        // an empty row
+        long rowID = sqlDB.insert(TABLE_NAME, null, values);
+
+        // Verify a row has been added
+        if (rowID > 0) {
+
+            // Append the given id to the path and return a Builder used to manipulate URI
+            // references
+            Uri _uri = ContentUris.withAppendedId(CONTENT_URL, rowID);
+
+            // getContentResolver provides access to the content model
+            // notifyChange notifies all observers that a row was updated
+            getContext().getContentResolver().notifyChange(_uri, null);
+
+            // Return the Builder used to manipulate the URI
+            return _uri;
+        }
+        Toast.makeText(getContext(), "Row Insert Failed", Toast.LENGTH_LONG).show();
+        return null;
+    }
+
+    // Deletes a row or a selection of rows
+    @Override
+    public int delete(Uri uri, String selection, String[] selectionArgs) {
+        int rowsDeleted = 0;
+
+        // Used to match uris with Content Providers
+        switch (uriMatcher.match(uri)) {
+            case uriCode:
+                rowsDeleted = sqlDB.delete(TABLE_NAME, selection, selectionArgs);
+                break;
+            default:
+                throw new IllegalArgumentException("Unknown URI " + uri);
+        }
+
+        // getContentResolver provides access to the content model
+        // notifyChange notifies all observers that a row was updated
+        getContext().getContentResolver().notifyChange(uri, null);
+        return rowsDeleted;
+    }
+
+    // Used to update a row or a selection of rows
+    // Returns to number of rows updated
+    @Override
+    public int update(Uri uri, ContentValues values, String selection, String[] selectionArgs) {
+        int rowsUpdated = 0;
+
+        // Used to match uris with Content Providers
+        switch (uriMatcher.match(uri)) {
+            case uriCode:
+
+                // Update the row or rows of data
+                rowsUpdated = sqlDB.update(TABLE_NAME, values, selection, selectionArgs);
+                break;
+            default:
+                throw new IllegalArgumentException("Unknown URI " + uri);
+        }
+
+        // getContentResolver provides access to the content model
+        // notifyChange notifies all observers that a row was updated
+        getContext().getContentResolver().notifyChange(uri, null);
+        return rowsUpdated;
+    }
+
+    private static class DatabaseHelper extends SQLiteOpenHelper {
+        DatabaseHelper(Context context) {
+            super(context, DATABASE_NAME, null, DATABASE_VERSION);
+        }
+
+        @Override
+        public void onCreate(SQLiteDatabase sqlDB) {
+            sqlDB.execSQL(CREATE_DB_TABLE);
+        }
+
+        // Recreates the table when the database needs to be upgraded
+        @Override
+        public void onUpgrade(SQLiteDatabase sqlDB, int oldVersion, int newVersion) {
+            sqlDB.execSQL("DROP TABLE IF EXISTS " + TABLE_NAME);
+            onCreate(sqlDB);
+        }
+
+    }
+}
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/layout/activity_main.xml b/MobileShepherd/CProviderLeakage1/app/src/main/res/layout/activity_main.xml
new file mode 100644
index 000000000..db483408e
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/res/layout/activity_main.xml
@@ -0,0 +1,32 @@
+<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent"
+    android:layout_height="match_parent" android:paddingLeft="@dimen/activity_horizontal_margin"
+    android:paddingRight="@dimen/activity_horizontal_margin"
+    android:background="@mipmap/background"
+    android:paddingTop="180dp"
+    android:paddingBottom="@dimen/activity_vertical_margin" tools:context=".MainActivity">
+
+    <EditText
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:id="@+id/keyEditText"
+        android:textColorHint="#FFFFFF"
+        android:textColor="#FFFFFF"
+        android:background="@xml/edittext"
+        android:layout_alignParentTop="true"
+        android:layout_alignParentLeft="true"
+        android:layout_alignParentStart="true"
+        android:hint="Add Secret" />
+
+    <Button
+        android:layout_width="match_parent"
+        android:layout_height="wrap_content"
+        android:id="@+id/addContactButton"
+        android:text="Submit Secret"
+        android:background="@xml/button"
+        android:onClick="addKey"
+        android:layout_below="@+id/keyEditText"
+        android:layout_alignParentRight="true"
+        android:layout_alignParentEnd="true" />
+
+</RelativeLayout>
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/menu/menu_main.xml b/MobileShepherd/CProviderLeakage1/app/src/main/res/menu/menu_main.xml
new file mode 100644
index 000000000..a1045e91c
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/res/menu/menu_main.xml
@@ -0,0 +1,6 @@
+<menu xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:app="http://schemas.android.com/apk/res-auto"
+    xmlns:tools="http://schemas.android.com/tools" tools:context=".MainActivity">
+    <item android:id="@+id/action_settings" android:title="@string/action_settings"
+        android:orderInCategory="100" app:showAsAction="never" />
+</menu>
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-hdpi/background.jpg b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-hdpi/background.jpg
new file mode 100644
index 000000000..6aa840163
Binary files /dev/null and b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-hdpi/background.jpg differ
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-hdpi/ic_launcher.png b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-hdpi/ic_launcher.png
new file mode 100644
index 000000000..d446b617b
Binary files /dev/null and b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-hdpi/ic_launcher.png differ
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-mdpi/background.jpg b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-mdpi/background.jpg
new file mode 100644
index 000000000..6aa840163
Binary files /dev/null and b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-mdpi/background.jpg differ
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-mdpi/ic_launcher.png b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-mdpi/ic_launcher.png
new file mode 100644
index 000000000..d446b617b
Binary files /dev/null and b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-mdpi/ic_launcher.png differ
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-xhdpi/background.jpg b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-xhdpi/background.jpg
new file mode 100644
index 000000000..6aa840163
Binary files /dev/null and b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-xhdpi/background.jpg differ
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-xhdpi/ic_launcher.png b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-xhdpi/ic_launcher.png
new file mode 100644
index 000000000..d446b617b
Binary files /dev/null and b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-xhdpi/ic_launcher.png differ
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-xxhdpi/ic_launcher.png b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
new file mode 100644
index 000000000..d446b617b
Binary files /dev/null and b/MobileShepherd/CProviderLeakage1/app/src/main/res/mipmap-xxhdpi/ic_launcher.png differ
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/values-w820dp/dimens.xml b/MobileShepherd/CProviderLeakage1/app/src/main/res/values-w820dp/dimens.xml
new file mode 100644
index 000000000..62df1875a
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/res/values-w820dp/dimens.xml
@@ -0,0 +1,6 @@
+<resources>
+    <!-- Example customization of dimensions originally defined in res/values/dimens.xml
+         (such as screen margins) for screens with more than 820dp of available width. This
+         would include 7" and 10" devices in landscape (~960dp and ~1280dp respectively). -->
+    <dimen name="activity_horizontal_margin">64dp</dimen>
+</resources>
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/values/dimens.xml b/MobileShepherd/CProviderLeakage1/app/src/main/res/values/dimens.xml
new file mode 100644
index 000000000..295b5a9de
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/res/values/dimens.xml
@@ -0,0 +1,5 @@
+<resources>
+    <!-- Default screen margins, per the Android Design guidelines. -->
+    <dimen name="activity_horizontal_margin">16dp</dimen>
+    <dimen name="activity_vertical_margin">16dp</dimen>
+</resources>
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/values/strings.xml b/MobileShepherd/CProviderLeakage1/app/src/main/res/values/strings.xml
new file mode 100644
index 000000000..f9a450926
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/res/values/strings.xml
@@ -0,0 +1,5 @@
+<resources>
+    <string name="app_name">CProviderLeakage1</string>
+
+    <string name="action_settings">Settings</string>
+</resources>
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/values/styles.xml b/MobileShepherd/CProviderLeakage1/app/src/main/res/values/styles.xml
new file mode 100644
index 000000000..084b42b7b
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/res/values/styles.xml
@@ -0,0 +1,8 @@
+<resources>
+
+    <!-- Base application theme. -->
+    <style name="AppTheme" parent="Theme.AppCompat.Light.DarkActionBar">
+        <!-- Customize your theme here. -->
+    </style>
+
+</resources>
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/xml/box.xml b/MobileShepherd/CProviderLeakage1/app/src/main/res/xml/box.xml
new file mode 100644
index 000000000..01b05ff14
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/res/xml/box.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<layer-list xmlns:android="http://schemas.android.com/apk/res/android" >
+
+    <item>
+        <shape>
+            <solid android:color="#ff000000" />
+                <corners android:radius="20dp"/>
+                <padding android:left="10dp" android:right="10dp" android:top="10dp" android:bottom="10dp"/>
+                <solid android:color="#CCCCCC"/>
+        </shape>
+    </item>
+
+    <!-- main color -->
+    <item
+        android:bottom="2.5dp"
+        android:left="2.5dp"
+        android:right="2.5dp">
+        <shape>
+            <solid android:color="#000" />
+        </shape>
+    </item>
+
+    <!-- draw another block to cut-off the left and right bars -->
+    <item android:bottom="5.0dp">
+        <shape>
+            <solid android:color="#ff000000" />
+        </shape>
+    </item>
+
+</layer-list>
\ No newline at end of file
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/xml/button.xml b/MobileShepherd/CProviderLeakage1/app/src/main/res/xml/button.xml
new file mode 100644
index 000000000..c40df4e64
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/res/xml/button.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="utf-8"?>
+<selector xmlns:android="http://schemas.android.com/apk/res/android">
+    <item android:state_pressed="true" >
+        <shape>
+            <solid
+                android:color="#ff000c72" />
+            <stroke
+                android:width="1dp"
+                android:color="#ff002266" />
+            <corners
+                android:radius="2dp" />
+            <padding
+                android:left="10dp"
+                android:top="10dp"
+                android:right="10dp"
+                android:bottom="10dp" />
+        </shape>
+    </item>
+    <item>
+        <shape>
+            <gradient
+                android:startColor="#ff823dae"
+                android:endColor="#6a3ab2"
+                android:angle="270" />
+            <stroke
+                android:width="1dp"
+                android:color="#6a3ab2" />
+            <corners
+                android:radius="4dp" />
+            <padding
+                android:left="10dp"
+                android:top="10dp"
+                android:right="10dp"
+                android:bottom="10dp" />
+        </shape>
+    </item>
+</selector>
\ No newline at end of file
diff --git a/MobileShepherd/CProviderLeakage1/app/src/main/res/xml/edittext.xml b/MobileShepherd/CProviderLeakage1/app/src/main/res/xml/edittext.xml
new file mode 100644
index 000000000..7c71442a0
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/app/src/main/res/xml/edittext.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="utf-8"?>
+  <layer-list xmlns:android="http://schemas.android.com/apk/res/android" >
+
+<item>
+    <shape>
+        <solid android:color="#c2c2c2" />
+    </shape>
+</item>
+
+<!-- main color -->
+<item
+    android:bottom="2.5dp"
+    android:left="2.5dp"
+    android:right="2.5dp">
+    <shape>
+        <solid android:color="#000" />
+    </shape>
+</item>
+
+<!-- draw another block to cut-off the left and right bars -->
+<item android:bottom="5.0dp">
+    <shape>
+        <solid android:color="#000" />
+    </shape>
+</item>
+
+</layer-list>
\ No newline at end of file
diff --git a/MobileShepherd/CProviderLeakage1/build.gradle b/MobileShepherd/CProviderLeakage1/build.gradle
new file mode 100644
index 000000000..80003fb65
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/build.gradle
@@ -0,0 +1,19 @@
+// Top-level build file where you can add configuration options common to all sub-projects/modules.
+
+buildscript {
+    repositories {
+        jcenter()
+    }
+    dependencies {
+        classpath 'com.android.tools.build:gradle:1.2.3'
+
+        // NOTE: Do not place your application dependencies here; they belong
+        // in the individual module build.gradle files
+    }
+}
+
+allprojects {
+    repositories {
+        jcenter()
+    }
+}
diff --git a/MobileShepherd/CProviderLeakage1/gradle.properties b/MobileShepherd/CProviderLeakage1/gradle.properties
new file mode 100644
index 000000000..9b6ae2a0f
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/gradle.properties
@@ -0,0 +1,18 @@
+# Project-wide Gradle settings.
+
+# IDE (e.g. Android Studio) users:
+# Gradle settings configured through the IDE *will override*
+# any settings specified in this file.
+
+# For more details on how to configure your build environment visit
+# http://www.gradle.org/docs/current/userguide/build_environment.html
+
+# Specifies the JVM arguments used for the daemon process.
+# The setting is particularly useful for tweaking memory settings.
+# Default value: -Xmx10248m -XX:MaxPermSize=256m
+# org.gradle.jvmargs=-Xmx2048m -XX:MaxPermSize=512m -XX:+HeapDumpOnOutOfMemoryError -Dfile.encoding=UTF-8
+
+# When configured, Gradle will run in incubating parallel mode.
+# This option should only be used with decoupled projects. More details, visit
+# http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
+# org.gradle.parallel=true
\ No newline at end of file
diff --git a/MobileShepherd/CProviderLeakage1/gradle/wrapper/gradle-wrapper.jar b/MobileShepherd/CProviderLeakage1/gradle/wrapper/gradle-wrapper.jar
new file mode 100644
index 000000000..8c0fb64a8
Binary files /dev/null and b/MobileShepherd/CProviderLeakage1/gradle/wrapper/gradle-wrapper.jar differ
diff --git a/MobileShepherd/CProviderLeakage1/gradle/wrapper/gradle-wrapper.properties b/MobileShepherd/CProviderLeakage1/gradle/wrapper/gradle-wrapper.properties
new file mode 100644
index 000000000..0c71e760d
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/gradle/wrapper/gradle-wrapper.properties
@@ -0,0 +1,6 @@
+#Wed Apr 10 15:27:10 PDT 2013
+distributionBase=GRADLE_USER_HOME
+distributionPath=wrapper/dists
+zipStoreBase=GRADLE_USER_HOME
+zipStorePath=wrapper/dists
+distributionUrl=https\://services.gradle.org/distributions/gradle-2.2.1-all.zip
diff --git a/MobileShepherd/CProviderLeakage1/gradlew b/MobileShepherd/CProviderLeakage1/gradlew
new file mode 100644
index 000000000..91a7e269e
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/gradlew
@@ -0,0 +1,164 @@
+#!/usr/bin/env bash
+
+##############################################################################
+##
+##  Gradle start up script for UN*X
+##
+##############################################################################
+
+# Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+DEFAULT_JVM_OPTS=""
+
+APP_NAME="Gradle"
+APP_BASE_NAME=`basename "$0"`
+
+# Use the maximum available, or set MAX_FD != -1 to use that value.
+MAX_FD="maximum"
+
+warn ( ) {
+    echo "$*"
+}
+
+die ( ) {
+    echo
+    echo "$*"
+    echo
+    exit 1
+}
+
+# OS specific support (must be 'true' or 'false').
+cygwin=false
+msys=false
+darwin=false
+case "`uname`" in
+  CYGWIN* )
+    cygwin=true
+    ;;
+  Darwin* )
+    darwin=true
+    ;;
+  MINGW* )
+    msys=true
+    ;;
+esac
+
+# For Cygwin, ensure paths are in UNIX format before anything is touched.
+if $cygwin ; then
+    [ -n "$JAVA_HOME" ] && JAVA_HOME=`cygpath --unix "$JAVA_HOME"`
+fi
+
+# Attempt to set APP_HOME
+# Resolve links: $0 may be a link
+PRG="$0"
+# Need this for relative symlinks.
+while [ -h "$PRG" ] ; do
+    ls=`ls -ld "$PRG"`
+    link=`expr "$ls" : '.*-> \(.*\)$'`
+    if expr "$link" : '/.*' > /dev/null; then
+        PRG="$link"
+    else
+        PRG=`dirname "$PRG"`"/$link"
+    fi
+done
+SAVED="`pwd`"
+cd "`dirname \"$PRG\"`/" >&-
+APP_HOME="`pwd -P`"
+cd "$SAVED" >&-
+
+CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
+
+# Determine the Java command to use to start the JVM.
+if [ -n "$JAVA_HOME" ] ; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
+        # IBM's JDK on AIX uses strange locations for the executables
+        JAVACMD="$JAVA_HOME/jre/sh/java"
+    else
+        JAVACMD="$JAVA_HOME/bin/java"
+    fi
+    if [ ! -x "$JAVACMD" ] ; then
+        die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+    fi
+else
+    JAVACMD="java"
+    which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+
+Please set the JAVA_HOME variable in your environment to match the
+location of your Java installation."
+fi
+
+# Increase the maximum file descriptors if we can.
+if [ "$cygwin" = "false" -a "$darwin" = "false" ] ; then
+    MAX_FD_LIMIT=`ulimit -H -n`
+    if [ $? -eq 0 ] ; then
+        if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
+            MAX_FD="$MAX_FD_LIMIT"
+        fi
+        ulimit -n $MAX_FD
+        if [ $? -ne 0 ] ; then
+            warn "Could not set maximum file descriptor limit: $MAX_FD"
+        fi
+    else
+        warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
+    fi
+fi
+
+# For Darwin, add options to specify how the application appears in the dock
+if $darwin; then
+    GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
+fi
+
+# For Cygwin, switch paths to Windows format before running java
+if $cygwin ; then
+    APP_HOME=`cygpath --path --mixed "$APP_HOME"`
+    CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
+
+    # We build the pattern for arguments to be converted via cygpath
+    ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
+    SEP=""
+    for dir in $ROOTDIRSRAW ; do
+        ROOTDIRS="$ROOTDIRS$SEP$dir"
+        SEP="|"
+    done
+    OURCYGPATTERN="(^($ROOTDIRS))"
+    # Add a user-defined pattern to the cygpath arguments
+    if [ "$GRADLE_CYGPATTERN" != "" ] ; then
+        OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
+    fi
+    # Now convert the arguments - kludge to limit ourselves to /bin/sh
+    i=0
+    for arg in "$@" ; do
+        CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
+        CHECK2=`echo "$arg"|egrep -c "^-"`                                 ### Determine if an option
+
+        if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then                    ### Added a condition
+            eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
+        else
+            eval `echo args$i`="\"$arg\""
+        fi
+        i=$((i+1))
+    done
+    case $i in
+        (0) set -- ;;
+        (1) set -- "$args0" ;;
+        (2) set -- "$args0" "$args1" ;;
+        (3) set -- "$args0" "$args1" "$args2" ;;
+        (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
+        (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
+        (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
+        (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
+        (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
+        (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
+    esac
+fi
+
+# Split up the JVM_OPTS And GRADLE_OPTS values into an array, following the shell quoting and substitution rules
+function splitJvmOpts() {
+    JVM_OPTS=("$@")
+}
+eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS
+JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME"
+
+exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@"
diff --git a/MobileShepherd/CProviderLeakage1/gradlew.bat b/MobileShepherd/CProviderLeakage1/gradlew.bat
new file mode 100644
index 000000000..aec99730b
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/gradlew.bat
@@ -0,0 +1,90 @@
+@if "%DEBUG%" == "" @echo off
+@rem ##########################################################################
+@rem
+@rem  Gradle startup script for Windows
+@rem
+@rem ##########################################################################
+
+@rem Set local scope for the variables with windows NT shell
+if "%OS%"=="Windows_NT" setlocal
+
+@rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
+set DEFAULT_JVM_OPTS=
+
+set DIRNAME=%~dp0
+if "%DIRNAME%" == "" set DIRNAME=.
+set APP_BASE_NAME=%~n0
+set APP_HOME=%DIRNAME%
+
+@rem Find java.exe
+if defined JAVA_HOME goto findJavaFromJavaHome
+
+set JAVA_EXE=java.exe
+%JAVA_EXE% -version >NUL 2>&1
+if "%ERRORLEVEL%" == "0" goto init
+
+echo.
+echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:findJavaFromJavaHome
+set JAVA_HOME=%JAVA_HOME:"=%
+set JAVA_EXE=%JAVA_HOME%/bin/java.exe
+
+if exist "%JAVA_EXE%" goto init
+
+echo.
+echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
+echo.
+echo Please set the JAVA_HOME variable in your environment to match the
+echo location of your Java installation.
+
+goto fail
+
+:init
+@rem Get command-line arguments, handling Windowz variants
+
+if not "%OS%" == "Windows_NT" goto win9xME_args
+if "%@eval[2+2]" == "4" goto 4NT_args
+
+:win9xME_args
+@rem Slurp the command line arguments.
+set CMD_LINE_ARGS=
+set _SKIP=2
+
+:win9xME_args_slurp
+if "x%~1" == "x" goto execute
+
+set CMD_LINE_ARGS=%*
+goto execute
+
+:4NT_args
+@rem Get arguments from the 4NT Shell from JP Software
+set CMD_LINE_ARGS=%$
+
+:execute
+@rem Setup the command line
+
+set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
+
+@rem Execute Gradle
+"%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
+
+:end
+@rem End local scope for the variables with windows NT shell
+if "%ERRORLEVEL%"=="0" goto mainEnd
+
+:fail
+rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
+rem the _cmd.exe /c_ return code!
+if  not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
+exit /b 1
+
+:mainEnd
+if "%OS%"=="Windows_NT" endlocal
+
+:omega
diff --git a/MobileShepherd/CProviderLeakage1/settings.gradle b/MobileShepherd/CProviderLeakage1/settings.gradle
new file mode 100644
index 000000000..d3db1092c
--- /dev/null
+++ b/MobileShepherd/CProviderLeakage1/settings.gradle
@@ -0,0 +1 @@
+include ':app'
diff --git a/MobileShepherd/PoorAuthentication/app/src/main/res/layout/broken.xml b/MobileShepherd/PoorAuthentication/app/src/main/res/layout/broken.xml
index 748a27ab5..17fc61e3f 100644
--- a/MobileShepherd/PoorAuthentication/app/src/main/res/layout/broken.xml
+++ b/MobileShepherd/PoorAuthentication/app/src/main/res/layout/broken.xml
@@ -1,79 +1,80 @@
-<?xml version="1.0" encoding="utf-8"?>
-<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
-    android:id="@+id/background"
-    android:layout_width="match_parent"
-    android:layout_height="match_parent"
-    android:background="@drawable/background"
-     >
-
-                    <TextView
-                        android:id="@+id/tvTitle"
-                        android:layout_width="wrap_content"
-                        android:layout_height="wrap_content"
-                        android:layout_alignLeft="@+id/etName"
-                        android:layout_alignParentTop="true"
-                        android:layout_marginTop="81dp"
-                        android:text="Login"
-                        android:textAppearance="?android:attr/textAppearanceLarge"
-                        android:textColor="#DA70D6" />
-
-                    <EditText
-                        android:id="@+id/etName"
-                        android:layout_width="wrap_content"
-                        android:layout_height="wrap_content"
-                        android:layout_alignLeft="@+id/etPass"
-                        android:layout_alignRight="@+id/etPass"
-                        android:layout_below="@+id/tvTitle"
-                        android:layout_marginTop="25dp"
-                        android:ems="10"
-                        android:background="@drawable/edittext"
-                        android:hint="Username"
-                        android:textAppearance="?android:attr/textAppearanceLarge"
-                        android:textColor="#DA70D6" />
-
-                    <EditText
-                        android:id="@+id/etPass"
-                        android:layout_width="wrap_content"
-                        android:layout_height="wrap_content"
-                        android:layout_below="@+id/etName"
-                        android:layout_centerHorizontal="true"
-                        android:layout_marginTop="35dp"
-                        android:ems="10"
-                        android:hint="Password"
-                        android:inputType="textPassword"
-                        android:background="@drawable/edittext"
-                        android:textAppearance="?android:attr/textAppearanceLarge"
-                        android:textColor="#DA70D6" >
-
-                        <requestFocus />
-                    </EditText>
-
-                    <Button
-                        android:id="@+id/bLogin"
-                        android:layout_width="wrap_content"
-                        android:layout_height="wrap_content"
-                        android:layout_below="@+id/etPass"
-                        android:layout_marginTop="33dp"
-                        android:background="@drawable/button"
-                        android:filterTouchesWhenObscured="true"
-                        android:text="Login"
-                        android:layout_alignRight="@+id/etPass"
-                        android:layout_alignEnd="@+id/etPass"
-                        android:layout_alignLeft="@+id/etPass"
-                        android:layout_alignStart="@+id/etPass" />
-
-                    <Button
-                        android:id="@+id/bForgot"
-                        style="?android:attr/buttonStyleSmall"
-                        android:layout_width="wrap_content"
-                        android:layout_height="wrap_content"
-                        android:layout_below="@+id/bLogin"
-                        android:background="@drawable/button"
-                        android:layout_marginTop="26dp"
-                        android:text="Reset"
-                        android:layout_alignRight="@+id/bLogin"
-                        android:layout_alignEnd="@+id/bLogin"
-                        android:layout_alignLeft="@+id/bLogin"
-                        android:layout_alignStart="@+id/bLogin" />
-
+<?xml version="1.0" encoding="utf-8"?>
+<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    android:id="@+id/background"
+    android:layout_width="match_parent"
+    android:layout_height="match_parent"
+    android:background="@drawable/background"
+     >
+
+                    <TextView
+                        android:id="@+id/tvTitle"
+                        android:layout_width="wrap_content"
+                        android:layout_height="wrap_content"
+                        android:layout_alignLeft="@+id/etName"
+                        android:layout_alignParentTop="true"
+                        android:layout_marginTop="81dp"
+                        android:text="Login"
+                        android:textAppearance="?android:attr/textAppearanceLarge"
+                        android:textColor="#DA70D6" />
+
+                    <EditText
+                        android:id="@+id/etName"
+                        android:layout_width="wrap_content"
+                        android:layout_height="wrap_content"
+                        android:layout_alignLeft="@+id/etPass"
+                        android:layout_alignRight="@+id/etPass"
+                        android:layout_below="@+id/tvTitle"
+                        android:layout_marginTop="25dp"
+                        android:ems="10"
+                        android:background="@drawable/edittext"
+                        android:hint="Username"
+                        android:textAppearance="?android:attr/textAppearanceLarge"
+                        android:textColor="#DA70D6" />
+                        <requestFocus />
+
+
+                        <EditText
+                        android:id="@+id/etPass"
+                        android:layout_width="wrap_content"
+                        android:layout_height="wrap_content"
+                        android:layout_below="@+id/etName"
+                        android:layout_centerHorizontal="true"
+                        android:layout_marginTop="35dp"
+                        android:ems="10"
+                        android:hint="Password"
+                        android:inputType="textPassword"
+                        android:background="@drawable/edittext"
+                        android:textAppearance="?android:attr/textAppearanceLarge"
+                        android:textColor="#DA70D6" >
+
+                    </EditText>
+
+                    <Button
+                        android:id="@+id/bLogin"
+                        android:layout_width="wrap_content"
+                        android:layout_height="wrap_content"
+                        android:layout_below="@+id/etPass"
+                        android:layout_marginTop="33dp"
+                        android:background="@drawable/button"
+                        android:filterTouchesWhenObscured="true"
+                        android:text="Login"
+                        android:layout_alignRight="@+id/etPass"
+                        android:layout_alignEnd="@+id/etPass"
+                        android:layout_alignLeft="@+id/etPass"
+                        android:layout_alignStart="@+id/etPass" />
+
+                    <Button
+                        android:id="@+id/bForgot"
+                        style="?android:attr/buttonStyleSmall"
+                        android:layout_width="wrap_content"
+                        android:layout_height="wrap_content"
+                        android:layout_below="@+id/bLogin"
+                        android:background="@drawable/button"
+                        android:layout_marginTop="26dp"
+                        android:text="Reset"
+                        android:layout_alignRight="@+id/bLogin"
+                        android:layout_alignEnd="@+id/bLogin"
+                        android:layout_alignLeft="@+id/bLogin"
+                        android:layout_alignStart="@+id/bLogin" />
+
 </RelativeLayout>
\ No newline at end of file
diff --git a/MobileShepherd/PoorAuthentication2/app/build.gradle b/MobileShepherd/PoorAuthentication2/app/build.gradle
index 2a5c180f8..14eb4bf41 100644
--- a/MobileShepherd/PoorAuthentication2/app/build.gradle
+++ b/MobileShepherd/PoorAuthentication2/app/build.gradle
@@ -21,5 +21,9 @@ android {
 
 dependencies {
     compile fileTree(dir: 'libs', include: ['*.jar'])
-    compile 'com.android.support:appcompat-v7:22.2.0'
+    androidTestCompile 'com.jayway.android.robotium:robotium-solo:5.2.1'
+
+    compile 'com.android.support:appcompat-v7:21.0.3'
+    compile files('libs/sqlcipher-javadoc.jar')
+    compile files('libs/sqlcipher.jar')
 }
diff --git a/MobileShepherd/PoorAuthentication2/app/libs/robotium-solo-5.3.1.jar b/MobileShepherd/PoorAuthentication2/app/libs/robotium-solo-5.3.1.jar
new file mode 100644
index 000000000..d7f816c4c
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/libs/robotium-solo-5.3.1.jar differ
diff --git a/MobileShepherd/PoorAuthentication2/app/libs/sqlcipher-javadoc.jar b/MobileShepherd/PoorAuthentication2/app/libs/sqlcipher-javadoc.jar
new file mode 100644
index 000000000..ffaa00f45
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/libs/sqlcipher-javadoc.jar differ
diff --git a/MobileShepherd/PoorAuthentication2/app/libs/sqlcipher.jar b/MobileShepherd/PoorAuthentication2/app/libs/sqlcipher.jar
new file mode 100644
index 000000000..4d91f837a
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/libs/sqlcipher.jar differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/AndroidManifest.xml b/MobileShepherd/PoorAuthentication2/app/src/main/AndroidManifest.xml
index 61bbc4523..b92e19129 100644
--- a/MobileShepherd/PoorAuthentication2/app/src/main/AndroidManifest.xml
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/AndroidManifest.xml
@@ -8,14 +8,21 @@
         android:label="@string/app_name"
         android:theme="@style/AppTheme" >
         <activity
-            android:name=".MainActivity"
-            android:label="@string/app_name" >
-            <intent-filter>
-                <action android:name="android.intent.action.MAIN" />
+        android:name=".MainActivity"
+        android:label="@string/app_name" >
+        <intent-filter>
+            <action android:name="android.intent.action.MAIN" />
+
+            <category android:name="android.intent.category.LAUNCHER" />
+        </intent-filter>
+    </activity>
+
 
-                <category android:name="android.intent.category.LAUNCHER" />
-            </intent-filter>
+        <activity
+            android:name=".Register"
+            android:label="@string/app_name" >
         </activity>
+
     </application>
 
 </manifest>
diff --git a/MobileShepherd/CSInjection/app/src/main/assets/icudt46l.zip b/MobileShepherd/PoorAuthentication2/app/src/main/assets/icudt46l.zip
similarity index 100%
rename from MobileShepherd/CSInjection/app/src/main/assets/icudt46l.zip
rename to MobileShepherd/PoorAuthentication2/app/src/main/assets/icudt46l.zip
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/DBHelper.java b/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/DBHelper.java
new file mode 100644
index 000000000..bd22c4e99
--- /dev/null
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/DBHelper.java
@@ -0,0 +1,71 @@
+package com.mobshep.poorauthentication2;
+
+import android.content.Context;
+import android.database.sqlite.SQLiteException;
+import android.util.Log;
+import android.widget.Toast;
+
+import net.sqlcipher.database.SQLiteDatabase;
+import net.sqlcipher.database.SQLiteStatement;
+
+
+import java.io.File;
+import java.sql.PreparedStatement;
+
+/**
+ * Created by sean on 11/10/2015.
+ */
+public class DBHelper {
+
+    protected void createKeyTable(Context context)
+    {
+
+        SQLiteDatabase.loadLibs(context);
+
+        String dbPath = context.getDatabasePath("Users.db").getPath();
+        SQLiteDatabase db = SQLiteDatabase.openOrCreateDatabase(dbPath,
+                "", null);
+    }
+
+    public void insertData(Context context, String Username, String Password){
+        SQLiteDatabase.loadLibs(context);
+
+        String dbPath = context.getDatabasePath("Users.db").getPath();
+        SQLiteDatabase db = SQLiteDatabase.openOrCreateDatabase(dbPath,
+                "", null);
+
+        SQLiteStatement stmt = db.compileStatement("INSERT INTO Users (username,password) VALUES(?,?)");
+        stmt.bindString(1, Username);
+        stmt.bindString(2, Password);
+        stmt.execute();
+    }
+
+    public void populateTable(Context context, String password) {
+        try {
+            try {
+                SQLiteDatabase.loadLibs(context);
+
+                String dbPath = context.getDatabasePath("Users.db").getPath();
+
+                File dbPathFile = new File(dbPath);
+                if (!dbPathFile.exists())
+                    dbPathFile.getParentFile().mkdirs();
+
+                SQLiteDatabase db = SQLiteDatabase.openOrCreateDatabase(dbPath,
+                        "", null);
+
+                db.execSQL("DROP TABLE IF EXISTS Users");
+                db.execSQL("CREATE TABLE Users(memID INTEGER PRIMARY KEY AUTOINCREMENT, username TEXT, password VARCHAR)");
+
+
+            } catch (Exception e) {
+                // TODO Auto-generated catch block
+                Log.d("DBHelper", "The following error occured:" + e.getMessage());
+
+            }
+
+        } catch (SQLiteException e) {
+            Log.i ("", "An database error occurred.");
+        }
+    }
+}
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/MainActivity.java b/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/MainActivity.java
index d3a02abad..37813eb4a 100644
--- a/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/MainActivity.java
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/MainActivity.java
@@ -1,9 +1,11 @@
 package com.mobshep.poorauthentication2;
 
+import android.content.Intent;
 import android.support.v7.app.ActionBarActivity;
 import android.os.Bundle;
 import android.view.Menu;
 import android.view.MenuItem;
+import android.view.View;
 
 
 public class MainActivity extends ActionBarActivity {
@@ -12,8 +14,25 @@ public class MainActivity extends ActionBarActivity {
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
         setContentView(R.layout.activity_main);
+
+        DBHelper dbInstance;
+        dbInstance = new DBHelper();
+        dbInstance.populateTable(this,"");
+
+
+    }
+
+    public void registerClicked(View v){
+        Intent register = new Intent(this, Register.class);
+        startActivity(register);
+    }
+
+    public void loginClicked(View v){
+        //query db for row, if all fields satisfied, return key.
+
     }
 
+
     @Override
     public boolean onCreateOptionsMenu(Menu menu) {
         // Inflate the menu; this adds items to the action bar if it is present.
@@ -28,11 +47,21 @@ public boolean onOptionsItemSelected(MenuItem item) {
         // as you specify a parent activity in AndroidManifest.xml.
         int id = item.getItemId();
 
+        //turn into switch
+
         //noinspection SimplifiableIfStatement
         if (id == R.id.action_settings) {
             return true;
         }
 
+        if (id == R.id.action_license){
+
+        }
+
+        if (id == R.id.action_exit){
+
+        }
+
         return super.onOptionsItemSelected(item);
     }
 }
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/Register.java b/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/Register.java
new file mode 100644
index 000000000..27cdb5961
--- /dev/null
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/java/com/mobshep/poorauthentication2/Register.java
@@ -0,0 +1,21 @@
+package com.mobshep.poorauthentication2;
+
+import android.app.Activity;
+import android.os.Bundle;
+
+/**
+ * Created by sean on 11/10/2015.
+ */
+public class Register extends Activity {
+
+    @Override
+    protected void onCreate(Bundle savedInstanceState) {
+        super.onCreate(savedInstanceState);
+        setContentView(R.layout.register_layout);
+    }
+
+private void register(){
+
+}
+
+}
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi-v7a/libdatabase_sqlcipher.so b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi-v7a/libdatabase_sqlcipher.so
new file mode 100644
index 000000000..7bafa31a7
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi-v7a/libdatabase_sqlcipher.so differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi-v7a/libsqlcipher_android.so b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi-v7a/libsqlcipher_android.so
new file mode 100644
index 000000000..c19a7c4de
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi-v7a/libsqlcipher_android.so differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi-v7a/libstlport_shared.so b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi-v7a/libstlport_shared.so
new file mode 100644
index 000000000..0ec49f443
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi-v7a/libstlport_shared.so differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi/libdatabase_sqlcipher.so b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi/libdatabase_sqlcipher.so
new file mode 100644
index 000000000..dfc03dde2
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi/libdatabase_sqlcipher.so differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi/libsqlcipher_android.so b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi/libsqlcipher_android.so
new file mode 100644
index 000000000..d4d095c54
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi/libsqlcipher_android.so differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi/libstlport_shared.so b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi/libstlport_shared.so
new file mode 100644
index 000000000..050818bb0
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/armeabi/libstlport_shared.so differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/x86/libdatabase_sqlcipher.so b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/x86/libdatabase_sqlcipher.so
new file mode 100644
index 000000000..0d7871fed
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/x86/libdatabase_sqlcipher.so differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/x86/libsqlcipher_android.so b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/x86/libsqlcipher_android.so
new file mode 100644
index 000000000..51620697b
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/x86/libsqlcipher_android.so differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/x86/libstlport_shared.so b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/x86/libstlport_shared.so
new file mode 100644
index 000000000..a5e8b357a
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/jniLibs/x86/libstlport_shared.so differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/layout/activity_main.xml b/MobileShepherd/PoorAuthentication2/app/src/main/res/layout/activity_main.xml
index 1f8ac75ce..f722a01bc 100644
--- a/MobileShepherd/PoorAuthentication2/app/src/main/res/layout/activity_main.xml
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/res/layout/activity_main.xml
@@ -1,11 +1,81 @@
-<RelativeLayout xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:tools="http://schemas.android.com/tools" android:layout_width="match_parent"
-    android:layout_height="match_parent" android:paddingLeft="@dimen/activity_horizontal_margin"
-    android:paddingRight="@dimen/activity_horizontal_margin"
-    android:paddingTop="@dimen/activity_vertical_margin"
-    android:paddingBottom="@dimen/activity_vertical_margin" tools:context=".MainActivity">
+<LinearLayout
+    xmlns:android="http://schemas.android.com/apk/res/android"
+    android:layout_width="fill_parent"
+    android:layout_height="fill_parent"
+    android:orientation="vertical"
+    android:background="@mipmap/background"
+    android:weightSum="1">
+    <RelativeLayout android:id="@+id/Spacer"
+        android:layout_width="fill_parent"
+        android:orientation="horizontal"
+        android:layout_height="40dp"
+        android:layout_weight="0.12">
+    </RelativeLayout>
+    <RelativeLayout android:id="@+id/RelativeLayout01"
+        android:layout_width="fill_parent"
+        android:layout_height="150dp"
+        xmlns:android="http://schemas.android.com/apk/res/android"
+        android:layout_weight="0.31">
 
-    <TextView android:text="@string/hello_world" android:layout_width="wrap_content"
-        android:layout_height="wrap_content" />
+        <RelativeLayout android:id="@+id/innerBox"
+            android:layout_width="500dip"
+            android:background="@xml/box"
+            android:layout_height="fill_parent"
+            android:layout_centerHorizontal="true">
+            <requestFocus />
 
-</RelativeLayout>
+            <EditText
+                android:layout_width="wrap_content"
+                android:layout_height="wrap_content"
+                android:ems="10"
+                android:textColor="#FFFFFF"
+                android:hint="Username"
+                android:id="@+id/etUsername"
+                android:textColorHint="#ffbc00ff"
+                android:background="@xml/edittext"
+                android:layout_centerHorizontal="true"
+                android:layout_marginTop="25dp" />
+
+            <EditText
+                android:layout_width="wrap_content"
+                android:layout_height="wrap_content"
+                android:inputType="textPassword"
+                android:ems="10"
+                android:textColor="#FFFFFF"
+                android:hint="Password"
+                android:id="@+id/etPassword"
+                android:textColorHint="#ffbc00ff"
+                android:background="@xml/edittext"
+                android:layout_below="@+id/etUsername"
+                android:layout_centerHorizontal="true"
+                android:layout_marginTop="25dp" />
+
+            <Button
+                android:layout_width="wrap_content"
+                android:layout_height="wrap_content"
+                android:text="Login"
+                android:onClick="loginClicked"
+                android:id="@+id/bLogin"
+                android:layout_below="@+id/etPassword"
+                android:layout_alignLeft="@+id/etPassword"
+                android:layout_alignStart="@+id/etPassword"
+                android:layout_alignRight="@+id/etPassword"
+                android:layout_alignEnd="@+id/etPassword" />
+
+            <Button
+                android:layout_width="wrap_content"
+                android:layout_height="wrap_content"
+                android:text="Register"
+                android:onClick="registerClicked"
+                android:id="@+id/bRegister"
+                android:layout_below="@+id/bLogin"
+                android:layout_alignRight="@+id/bLogin"
+                android:layout_alignEnd="@+id/bLogin"
+                android:layout_alignLeft="@+id/bLogin"
+                android:layout_alignStart="@+id/bLogin" />
+
+        </RelativeLayout>
+
+    </RelativeLayout>
+
+</LinearLayout>
\ No newline at end of file
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/layout/register_layout.xml b/MobileShepherd/PoorAuthentication2/app/src/main/res/layout/register_layout.xml
new file mode 100644
index 000000000..fc0ef08b8
--- /dev/null
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/res/layout/register_layout.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="utf-8"?>
+<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
+    android:orientation="vertical" android:layout_width="match_parent"
+    android:layout_height="match_parent">
+
+</LinearLayout>
\ No newline at end of file
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/menu/global.xml b/MobileShepherd/PoorAuthentication2/app/src/main/res/menu/global.xml
index 326a6a7e2..12fbfa375 100644
--- a/MobileShepherd/PoorAuthentication2/app/src/main/res/menu/global.xml
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/res/menu/global.xml
@@ -1,5 +1,12 @@
 <menu xmlns:android="http://schemas.android.com/apk/res/android"
-    xmlns:app="http://schemas.android.com/apk/res-auto">
+    xmlns:app="http://schemas.android.com/apk/res-auto"
+    xmlns:tools="http://schemas.android.com/tools" tools:context=".MainActivity">
     <item android:id="@+id/action_settings" android:title="@string/action_settings"
         android:orderInCategory="100" app:showAsAction="never" />
-</menu>
+
+    <item android:id="@+id/action_license" android:title="@string/action_license"
+        android:orderInCategory="100" app:showAsAction="never" />
+
+    <item android:id="@+id/action_exit" android:title="@string/action_exit"
+        android:orderInCategory="100" app:showAsAction="never" />
+</menu>
\ No newline at end of file
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/menu/menu_main.xml b/MobileShepherd/PoorAuthentication2/app/src/main/res/menu/menu_main.xml
index a1045e91c..3d4361ecf 100644
--- a/MobileShepherd/PoorAuthentication2/app/src/main/res/menu/menu_main.xml
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/res/menu/menu_main.xml
@@ -3,4 +3,10 @@
     xmlns:tools="http://schemas.android.com/tools" tools:context=".MainActivity">
     <item android:id="@+id/action_settings" android:title="@string/action_settings"
         android:orderInCategory="100" app:showAsAction="never" />
+
+    <item android:id="@+id/action_license" android:title="@string/action_license"
+        android:orderInCategory="100" app:showAsAction="never" />
+
+    <item android:id="@+id/action_exit" android:title="@string/action_exit"
+        android:orderInCategory="100" app:showAsAction="never" />
 </menu>
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-hdpi/background.jpg b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-hdpi/background.jpg
new file mode 100644
index 000000000..6aa840163
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-hdpi/background.jpg differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-hdpi/ic_launcher.png b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-hdpi/ic_launcher.png
index cde69bccc..d446b617b 100644
Binary files a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-hdpi/ic_launcher.png and b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-hdpi/ic_launcher.png differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-mdpi/ic_launcher.png b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-mdpi/ic_launcher.png
index c133a0cbd..d446b617b 100644
Binary files a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-mdpi/ic_launcher.png and b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-mdpi/ic_launcher.png differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xhdpi/ic_launcher.png b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xhdpi/ic_launcher.png
index bfa42f0e7..d446b617b 100644
Binary files a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xhdpi/ic_launcher.png and b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xhdpi/ic_launcher.png differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xxhdpi/background.jpg b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xxhdpi/background.jpg
new file mode 100644
index 000000000..6aa840163
Binary files /dev/null and b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xxhdpi/background.jpg differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xxhdpi/ic_launcher.png b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
index 324e72cdd..d446b617b 100644
Binary files a/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xxhdpi/ic_launcher.png and b/MobileShepherd/PoorAuthentication2/app/src/main/res/mipmap-xxhdpi/ic_launcher.png differ
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/values/strings.xml b/MobileShepherd/PoorAuthentication2/app/src/main/res/values/strings.xml
index eba911461..8ba58c907 100644
--- a/MobileShepherd/PoorAuthentication2/app/src/main/res/values/strings.xml
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/res/values/strings.xml
@@ -1,6 +1,9 @@
 <resources>
     <string name="app_name">PoorAuthentication2</string>
 
-    <string name="hello_world">Hello world!</string>
     <string name="action_settings">Settings</string>
+    <string name="action_license">License</string>
+    <string name="action_exit">Exit</string>
+
+
 </resources>
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/xml/box.xml b/MobileShepherd/PoorAuthentication2/app/src/main/res/xml/box.xml
new file mode 100644
index 000000000..01b05ff14
--- /dev/null
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/res/xml/box.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<layer-list xmlns:android="http://schemas.android.com/apk/res/android" >
+
+    <item>
+        <shape>
+            <solid android:color="#ff000000" />
+                <corners android:radius="20dp"/>
+                <padding android:left="10dp" android:right="10dp" android:top="10dp" android:bottom="10dp"/>
+                <solid android:color="#CCCCCC"/>
+        </shape>
+    </item>
+
+    <!-- main color -->
+    <item
+        android:bottom="2.5dp"
+        android:left="2.5dp"
+        android:right="2.5dp">
+        <shape>
+            <solid android:color="#000" />
+        </shape>
+    </item>
+
+    <!-- draw another block to cut-off the left and right bars -->
+    <item android:bottom="5.0dp">
+        <shape>
+            <solid android:color="#ff000000" />
+        </shape>
+    </item>
+
+</layer-list>
\ No newline at end of file
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/xml/button.xml b/MobileShepherd/PoorAuthentication2/app/src/main/res/xml/button.xml
new file mode 100644
index 000000000..c40df4e64
--- /dev/null
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/res/xml/button.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="utf-8"?>
+<selector xmlns:android="http://schemas.android.com/apk/res/android">
+    <item android:state_pressed="true" >
+        <shape>
+            <solid
+                android:color="#ff000c72" />
+            <stroke
+                android:width="1dp"
+                android:color="#ff002266" />
+            <corners
+                android:radius="2dp" />
+            <padding
+                android:left="10dp"
+                android:top="10dp"
+                android:right="10dp"
+                android:bottom="10dp" />
+        </shape>
+    </item>
+    <item>
+        <shape>
+            <gradient
+                android:startColor="#ff823dae"
+                android:endColor="#6a3ab2"
+                android:angle="270" />
+            <stroke
+                android:width="1dp"
+                android:color="#6a3ab2" />
+            <corners
+                android:radius="4dp" />
+            <padding
+                android:left="10dp"
+                android:top="10dp"
+                android:right="10dp"
+                android:bottom="10dp" />
+        </shape>
+    </item>
+</selector>
\ No newline at end of file
diff --git a/MobileShepherd/PoorAuthentication2/app/src/main/res/xml/edittext.xml b/MobileShepherd/PoorAuthentication2/app/src/main/res/xml/edittext.xml
new file mode 100644
index 000000000..7c71442a0
--- /dev/null
+++ b/MobileShepherd/PoorAuthentication2/app/src/main/res/xml/edittext.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="utf-8"?>
+  <layer-list xmlns:android="http://schemas.android.com/apk/res/android" >
+
+<item>
+    <shape>
+        <solid android:color="#c2c2c2" />
+    </shape>
+</item>
+
+<!-- main color -->
+<item
+    android:bottom="2.5dp"
+    android:left="2.5dp"
+    android:right="2.5dp">
+    <shape>
+        <solid android:color="#000" />
+    </shape>
+</item>
+
+<!-- draw another block to cut-off the left and right bars -->
+<item android:bottom="5.0dp">
+    <shape>
+        <solid android:color="#000" />
+    </shape>
+</item>
+
+</layer-list>
\ No newline at end of file
diff --git a/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/LoggedIn.java b/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/LoggedIn.java
index da0d57094..12b06699f 100644
--- a/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/LoggedIn.java
+++ b/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/LoggedIn.java
@@ -6,7 +6,7 @@
 import android.os.Bundle;
 import android.view.View;
 import android.widget.Toast;
-
+import com.mobshep.shepherdlogin.SessionProvider.*;
 /**
  * This file is part of the Security Shepherd Project.
  *
@@ -63,11 +63,10 @@ public void logoutClicked(View v){
         toEdit.commit();
 
         //delete * from sessions table
-
-
-
+        SessionProvider.DatabaseHelper providerInstance;
+        providerInstance = new DatabaseHelper(this);
+        providerInstance.deleteData();
         checkNullSession();
 
-
     }
 }
diff --git a/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/MainActivity.java b/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/MainActivity.java
index 7176b4c47..2837258f0 100644
--- a/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/MainActivity.java
+++ b/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/MainActivity.java
@@ -65,7 +65,6 @@ protected void onCreate(Bundle savedInstanceState) {
             startActivity(intent);
         }
 
-
         //TODO
         //Remove this and replace with AsyncTask
         StrictMode.ThreadPolicy policy = new StrictMode.ThreadPolicy.Builder().permitAll().build();
@@ -80,11 +79,9 @@ protected void onCreate(Bundle savedInstanceState) {
 
     }
 
-
-
     public void submitClicked(View v) {
 
-        if (username.getText().toString() == "" || password.getText().toString() == ""){
+        if (username.getText().toString().equals("") || password.getText().toString().equals("")){
             Toast blank = Toast.makeText(MainActivity.this, "Blank Fields Detected!", Toast.LENGTH_SHORT);
             blank.show();
             return;
@@ -114,13 +111,12 @@ public void submitClicked(View v) {
                     response, Toast.LENGTH_SHORT);
             responseError.show();
 
+            Log.i(TAG, "Server Response:" + response);
 
-            if (response.contains("Value ERROR")==true){
+            if (response.contains(" ERROR ")){
                 tvResponse.setText("Invalid username or password");
             }
-            else{
-                tvResponse.setText(response);
-            }
+
 
             if (res!=null) {
                 Toast valid = Toast.makeText(MainActivity.this,
@@ -139,23 +135,26 @@ public void submitClicked(View v) {
                 // Provides access to other applications Content Providers
                 Uri uri = getContentResolver().insert(SessionProvider.CONTENT_URL, values);
 
-                Toast.makeText(getBaseContext(), "New Session Stored", Toast.LENGTH_LONG).show();
-
                 Intent intent = new Intent(MainActivity.this, LoggedIn.class);
                 startActivity(intent);
 
             } else {
-
                 Toast.makeText(getBaseContext(), "Invalid Credentials!", Toast.LENGTH_SHORT).show();
             }
         } catch (Exception e) {
 
-            Toast responseError = Toast.makeText(MainActivity.this,
-                    e.toString(), Toast.LENGTH_LONG);
-            responseError.show();
+            if (e.toString().contains("ERROR")){
+                tvResponse.setText("Invalid Credentials");
+            }
+
+            else {
 
-            tvResponse.setText(e.toString());
+                Toast responseError = Toast.makeText(MainActivity.this,
+                        e.toString(), Toast.LENGTH_LONG);
+                responseError.show();
 
+                tvResponse.setText(e.toString());
+            }
         }
 
     }
@@ -190,10 +189,17 @@ public boolean onOptionsItemSelected(MenuItem item) {
                 toEdit.clear();
                 toEdit.commit();
 
+                //delete * from sessions table
+               SessionProvider.DatabaseHelper providerInstance;
+               providerInstance = new SessionProvider.DatabaseHelper(this);
+               providerInstance.deleteData();
+
                 Toast valid = Toast.makeText(MainActivity.this,
                         "Sessions cleared!", Toast.LENGTH_SHORT);
                 valid.show();
 
+
+
             case R.id.action_exit:
 
                 this.finish();
diff --git a/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/SessionProvider.java b/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/SessionProvider.java
index 8fdb43210..d62214e11 100644
--- a/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/SessionProvider.java
+++ b/MobileShepherd/ShepherdLogin/app/src/main/java/com/mobshep/shepherdlogin/SessionProvider.java
@@ -8,9 +8,11 @@
 import android.content.UriMatcher;
 import android.database.Cursor;
 import android.database.sqlite.SQLiteDatabase;
+import android.database.sqlite.SQLiteException;
 import android.database.sqlite.SQLiteOpenHelper;
 import android.database.sqlite.SQLiteQueryBuilder;
 import android.net.Uri;
+import android.provider.SyncStateContract;
 import android.widget.Toast;
 
 import java.util.HashMap;
@@ -67,6 +69,7 @@ public class SessionProvider extends ContentProvider {
 
     @Override
     public boolean onCreate() {
+
         DatabaseHelper dbHelper = new DatabaseHelper(getContext());
         sqlDB = dbHelper.getWritableDatabase();
 
@@ -124,10 +127,13 @@ public String getType(Uri uri) {
     @Override
     public Uri insert(Uri uri, ContentValues values) {
         //delete any previous sessions
-        sqlDB.delete(TABLE_NAME, "id > ? " , new String[]{"0"});
+        try{
+       sqlDB.delete(TABLE_NAME, "id > ? ", new String[]{"0"});
         DatabaseHelper dbHelper = new DatabaseHelper(getContext());
         sqlDB = dbHelper.getWritableDatabase();
+        }catch(SQLiteException e) {
 
+        }
 
         // Gets the row id after inserting a map with the keys representing the the column
         // names and their values. The second attribute is used when you try to insert
@@ -193,9 +199,12 @@ public int update(Uri uri, ContentValues values, String selection, String[] sele
         // notifyChange notifies all observers that a row was updated
         getContext().getContentResolver().notifyChange(uri, null);
         return rowsUpdated;
+
     }
 
-    private static class DatabaseHelper extends SQLiteOpenHelper {
+
+
+    public static class DatabaseHelper extends SQLiteOpenHelper {
         DatabaseHelper(Context context) {
             super(context, DATABASE_NAME, null, DATABASE_VERSION);
         }
@@ -212,9 +221,13 @@ public void onUpgrade(SQLiteDatabase sqlDB, int oldVersion, int newVersion) {
             onCreate(sqlDB);
         }
 
-    }
-
+        public void deleteData(){
+            SQLiteDatabase sqlDB = getWritableDatabase();
+            sqlDB.execSQL("DELETE FROM " + TABLE_NAME);
+            sqlDB.close();
+        }
 
+    }
 }
 
 
diff --git a/MobileShepherd/ShepherdResolver/app/src/main/java/com/mobshep/shepherdresolver/MainActivity.java b/MobileShepherd/ShepherdResolver/app/src/main/java/com/mobshep/shepherdresolver/MainActivity.java
index 8d059c5fd..1f657727f 100644
--- a/MobileShepherd/ShepherdResolver/app/src/main/java/com/mobshep/shepherdresolver/MainActivity.java
+++ b/MobileShepherd/ShepherdResolver/app/src/main/java/com/mobshep/shepherdresolver/MainActivity.java
@@ -3,13 +3,14 @@
 import android.app.Activity;
 import android.app.AlertDialog;
 import android.content.ContentResolver;
-import android.content.CursorLoader;
 import android.content.DialogInterface;
 import android.content.Intent;
 import android.content.SharedPreferences;
 import android.database.Cursor;
+import android.database.sqlite.SQLiteException;
 import android.net.Uri;
 import android.os.Bundle;
+import android.util.Log;
 import android.view.Menu;
 import android.view.MenuItem;
 import android.widget.TextView;
@@ -27,8 +28,6 @@ public class MainActivity extends Activity {
     static final Uri CONTENT_URL =
             Uri.parse("content://com.mobshep.shepherdlogin.SessionProvider/data");
 
-    CursorLoader cursorLoader;
-
     // Provides access to other applications Content Providers
     ContentResolver resolver;
 
@@ -41,17 +40,22 @@ protected void onCreate(Bundle savedInstanceState) {
 
         resolver = getContentResolver();
 
+        try{
         getSession();
+        }catch(SQLiteException e) {
+            Log.d("ShepherdResolver", "No Table Found!");
+        }
+        }
 
-    }
 
     public void getSession(){
 
         // Projection contains the columns we want
         String[] projection = new String[]{"id", "sessionValue"};
 
-        // Pass the URL, projection
-        Cursor cursor = resolver.query(CONTENT_URL, projection, "1", null, null);
+
+            // Pass the URL, projection
+            Cursor cursor = resolver.query(CONTENT_URL, projection, "1", null, null);
 
         String sessionList = "";
 
@@ -71,22 +75,12 @@ public void getSession(){
         session.setText(sessionList);
 
         if (sessionList.equals("")){
-            new AlertDialog.Builder(this)
-                    .setTitle("Login")
-                    .setMessage("You need to login to complete this challenge")
-                    .setPositiveButton("Login", new DialogInterface.OnClickListener() {
-                        public void onClick(DialogInterface dialog, int which) {
-                            Intent launchIntent = getPackageManager().getLaunchIntentForPackage("com.mobshep.shepherdlogin");
-                            startActivity(launchIntent);
-                        }
-                    })
-                    .setNegativeButton("Exit", new DialogInterface.OnClickListener() {
-                        public void onClick(DialogInterface dialog, int which) {
-                        MainActivity.this.finish();
-                        }
-                    })
-                    .setIcon(android.R.drawable.ic_dialog_alert)
-                    .show();
+
+            Intent launchIntent = getPackageManager().getLaunchIntentForPackage("com.mobshep.shepherdlogin");
+            startActivity(launchIntent);
+
+            this.finish();
+
         }
 
         storedSession = getSharedPreferences("session", MODE_PRIVATE);
diff --git a/MobileShepherd/UDataLeakage/app/src/main/java/com/mobshep/udataleakage/UDataLeakage.java b/MobileShepherd/UDataLeakage/app/src/main/java/com/mobshep/udataleakage/UDataLeakage.java
index 87b254069..6961fc06a 100644
--- a/MobileShepherd/UDataLeakage/app/src/main/java/com/mobshep/udataleakage/UDataLeakage.java
+++ b/MobileShepherd/UDataLeakage/app/src/main/java/com/mobshep/udataleakage/UDataLeakage.java
@@ -1,233 +1,231 @@
-package com.mobshep.udataleakage;
-
-import java.io.BufferedWriter;
-import java.io.File;
-import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.util.ArrayList;
-import java.util.Date;
-
-import android.app.Activity;
-import android.app.AlertDialog;
-import android.content.Context;
-import android.content.DialogInterface;
-import android.graphics.Color;
-import android.os.Bundle;
-import android.support.v7.app.ActionBarActivity;
-import android.view.KeyEvent;
-import android.view.MenuItem;
-import android.view.View;
-import android.widget.ArrayAdapter;
-import android.widget.EditText;
-import android.widget.ListView;
-
-/**
- * This file is part of the Security Shepherd Project.
- *
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- *
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- *
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>.
- *
- * @author Sean Duggan
- */
-
-public class UDataLeakage extends ActionBarActivity {
-
-
-
-	@Override
-	protected void onCreate(Bundle savedInstanceState) {
-		// TODO Auto-generated method stub
-		super.onCreate(savedInstanceState);
-		setContentView(R.layout.udl);
-		
-		
-String destinationDir = "/data/data/" +getPackageName() + "/files/";
-		
-		String destinationPath = destinationDir + "Tue Jul 08 172618 EDT 2014";
-		
-		File f = new File(destinationPath);
-		
-		if (!f.exists()){
-			File directory = new File(destinationDir);
-			directory.mkdirs();
-			//assets members.db -> /databases/
-			
-			try{
-				copyKey(getBaseContext().getAssets().open("Tue Jul 08 172618 EDT 2014"), new FileOutputStream(destinationPath));
-			}catch(FileNotFoundException e){
-				e.printStackTrace();
-			}catch(IOException e){
-				e.printStackTrace();
-			}
-			
-		}
-			
-
-		ListView noteList = (ListView)findViewById(R.id.noteList);
-		final EditText miniNote = (EditText)findViewById(R.id.miniNote);
-		final ArrayList<String> noteItems = new ArrayList<String>();
-		final ArrayAdapter<String> arrayAdapter;
-		
-		
-		arrayAdapter = new ArrayAdapter<String>(this, android.R.layout.simple_list_item_1, noteItems);
-
-		noteList.setAdapter(arrayAdapter);
-		
-		miniNote.setOnKeyListener(new View.OnKeyListener(){
-			public boolean onKey(View v, int keyCode, KeyEvent event){
-				if (event.getAction() == KeyEvent.ACTION_DOWN)
-				if((keyCode == KeyEvent.KEYCODE_DPAD_CENTER) || keyCode == KeyEvent.KEYCODE_ENTER){
-					
-					String Log = miniNote.getText().toString();
-					
-					logDetails(Log);
-					
-					noteItems.add(0, miniNote.getText().toString());
-					arrayAdapter.notifyDataSetChanged();
-					miniNote.setText("");
-					miniNote.setTextColor(Color.WHITE);
-					
-					return true;
-				}
-				return false;
-			}
-		}
-		
-				
-				);
-		
-		
-		
-	}
-
-	private void logDetails(String content) {
-		// TODO Auto-generated method stub
-		Date date = new Date();
-
-		String filename = "LogFile" + date.toString();
-		String EOL = System.getProperty("line.seperator");
-		BufferedWriter writer = null;
-		try {
-			writer = new BufferedWriter(new OutputStreamWriter(openFileOutput(
-					filename, Context.MODE_WORLD_READABLE)));
-			writer.write(content + EOL);
-			writer.write(date + EOL);
-		} catch (Exception e) {
-			e.printStackTrace();
-		} finally {
-			if (writer != null) {
-				try {
-					writer.close();
-				} catch (IOException e) {
-					e.printStackTrace();
-				}
-			}
-		}
-	}
-
-	public void copyKey(InputStream iStream, OutputStream oStream)
-			throws IOException {
-		byte[] buffer = new byte[1024];
-		int i;
-		while ((i = iStream.read(buffer)) > 0) {
-			oStream.write(buffer, 0, i);
-		}
-		iStream.close();
-		oStream.close();
-
-	}
-
-
-
-    @Override
-    public boolean onOptionsItemSelected(MenuItem item) {
-        // Handle action bar item clicks here. The action bar will
-        // automatically handle clicks on the Home/Up button, so long
-        // as you specify a parent activity in AndroidManifest.xml.
-        int id = item.getItemId();
-
-        if (id == R.id.action_license) {
-
-
-            AlertDialog.Builder alertDialogBuilder = new AlertDialog.Builder(
-                    this);
-
-            // set title
-            alertDialogBuilder.setTitle("License");
-
-            // set dialog message
-            alertDialogBuilder
-                    .setMessage("This App is part of the Security Shepherd Project. The Security Shepherd project is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. The Security Shepherd project is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with the Security Shepherd project.  If not, see http://www.gnu.org/licenses.")
-                    .setCancelable(false)
-                    .setPositiveButton("OK",new DialogInterface.OnClickListener() {
-                        public void onClick(DialogInterface dialog,int id) {
-                            // if this button is clicked, close
-                            // current activity
-                            dialog.cancel();
-                        }
-                    });
-
-            // create alert dialog
-            AlertDialog alertDialog = alertDialogBuilder.create();
-
-            // show it
-            alertDialog.show();
-
-            return true;
-        }
-
-
-        if (id == R.id.action_disclaimer) {
-
-
-            AlertDialog.Builder alertDialogBuilder = new AlertDialog.Builder(
-                    this);
-
-            // set title
-            alertDialogBuilder.setTitle("Disclaimer");
-
-            // set dialog message
-            alertDialogBuilder
-                    .setMessage("This App may collect logs via various methods. By using this App you agree to this.")
-                    .setCancelable(false)
-                    .setPositiveButton("OK",new DialogInterface.OnClickListener() {
-                        public void onClick(DialogInterface dialog,int id) {
-                            // if this button is clicked, close
-                            // current activity
-                            dialog.cancel();
-                        }
-                    });
-
-            // create alert dialog
-            AlertDialog alertDialog = alertDialogBuilder.create();
-
-            // show it
-            alertDialog.show();
-
-            return true;
-        }
-
-
-        if (id == R.id.action_exit){
-            finish();
-        }
-
-
-        return super.onOptionsItemSelected(item);
-    }
-
-}
+package com.mobshep.udataleakage;
+
+import java.io.BufferedWriter;
+import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.OutputStreamWriter;
+import java.util.ArrayList;
+import java.util.Date;
+
+import android.app.Activity;
+import android.app.AlertDialog;
+import android.content.Context;
+import android.content.DialogInterface;
+import android.graphics.Color;
+import android.os.Bundle;
+import android.support.v7.app.ActionBarActivity;
+import android.view.KeyEvent;
+import android.view.MenuItem;
+import android.view.View;
+import android.widget.ArrayAdapter;
+import android.widget.EditText;
+import android.widget.ListView;
+
+/**
+ * This file is part of the Security Shepherd Project.
+ *
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.<br/>
+ *
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.<br/>
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ * @author Sean Duggan
+ */
+
+public class UDataLeakage extends Activity {
+
+	@Override
+	protected void onCreate(Bundle savedInstanceState) {
+		// TODO Auto-generated method stub
+		super.onCreate(savedInstanceState);
+		setContentView(R.layout.udl);
+		
+		
+String destinationDir = "/data/data/" +getPackageName() + "/files/";
+		
+		String destinationPath = destinationDir + "Tue Jul 08 172618 EDT 2014";
+		
+		File f = new File(destinationPath);
+		
+		if (!f.exists()){
+			File directory = new File(destinationDir);
+			directory.mkdirs();
+			//assets members.db -> /databases/
+			
+			try{
+				copyKey(getBaseContext().getAssets().open("Tue Jul 08 172618 EDT 2014"), new FileOutputStream(destinationPath));
+			}catch(FileNotFoundException e){
+				e.printStackTrace();
+			}catch(IOException e){
+				e.printStackTrace();
+			}
+			
+		}
+			
+
+		ListView noteList = (ListView)findViewById(R.id.noteList);
+		final EditText miniNote = (EditText)findViewById(R.id.miniNote);
+		final ArrayList<String> noteItems = new ArrayList<String>();
+		final ArrayAdapter<String> arrayAdapter;
+		
+		
+		arrayAdapter = new ArrayAdapter<String>(this, android.R.layout.simple_list_item_1, noteItems);
+
+		noteList.setAdapter(arrayAdapter);
+		
+		miniNote.setOnKeyListener(new View.OnKeyListener(){
+			public boolean onKey(View v, int keyCode, KeyEvent event){
+				if (event.getAction() == KeyEvent.ACTION_DOWN)
+				if((keyCode == KeyEvent.KEYCODE_DPAD_CENTER) || keyCode == KeyEvent.KEYCODE_ENTER){
+					
+					String Log = miniNote.getText().toString();
+					
+					logDetails(Log);
+					
+					noteItems.add(0, miniNote.getText().toString());
+					arrayAdapter.notifyDataSetChanged();
+					miniNote.setText("");
+					miniNote.setTextColor(Color.WHITE);
+					
+					return true;
+				}
+				return false;
+			}
+		}
+		
+				
+				);
+		
+		
+		
+	}
+
+	private void logDetails(String content) {
+		// TODO Auto-generated method stub
+		Date date = new Date();
+
+		String filename = "LogFile" + date.toString();
+		String EOL = System.getProperty("line.seperator");
+		BufferedWriter writer = null;
+		try {
+			writer = new BufferedWriter(new OutputStreamWriter(openFileOutput(
+					filename, Context.MODE_WORLD_READABLE)));
+			writer.write(content + EOL);
+			writer.write(date + EOL);
+		} catch (Exception e) {
+			e.printStackTrace();
+		} finally {
+			if (writer != null) {
+				try {
+					writer.close();
+				} catch (IOException e) {
+					e.printStackTrace();
+				}
+			}
+		}
+	}
+
+	public void copyKey(InputStream iStream, OutputStream oStream)
+			throws IOException {
+		byte[] buffer = new byte[1024];
+		int i;
+		while ((i = iStream.read(buffer)) > 0) {
+			oStream.write(buffer, 0, i);
+		}
+		iStream.close();
+		oStream.close();
+
+	}
+
+
+
+    @Override
+    public boolean onOptionsItemSelected(MenuItem item) {
+        // Handle action bar item clicks here. The action bar will
+        // automatically handle clicks on the Home/Up button, so long
+        // as you specify a parent activity in AndroidManifest.xml.
+        int id = item.getItemId();
+
+        if (id == R.id.action_license) {
+
+
+            AlertDialog.Builder alertDialogBuilder = new AlertDialog.Builder(
+                    this);
+
+            // set title
+            alertDialogBuilder.setTitle("License");
+
+            // set dialog message
+            alertDialogBuilder
+                    .setMessage("This App is part of the Security Shepherd Project. The Security Shepherd project is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. The Security Shepherd project is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with the Security Shepherd project.  If not, see http://www.gnu.org/licenses.")
+                    .setCancelable(false)
+                    .setPositiveButton("OK",new DialogInterface.OnClickListener() {
+                        public void onClick(DialogInterface dialog,int id) {
+                            // if this button is clicked, close
+                            // current activity
+                            dialog.cancel();
+                        }
+                    });
+
+            // create alert dialog
+            AlertDialog alertDialog = alertDialogBuilder.create();
+
+            // show it
+            alertDialog.show();
+
+            return true;
+        }
+
+
+        if (id == R.id.action_disclaimer) {
+
+
+            AlertDialog.Builder alertDialogBuilder = new AlertDialog.Builder(
+                    this);
+
+            // set title
+            alertDialogBuilder.setTitle("Disclaimer");
+
+            // set dialog message
+            alertDialogBuilder
+                    .setMessage("This App may collect logs via various methods. By using this App you agree to this.")
+                    .setCancelable(false)
+                    .setPositiveButton("OK",new DialogInterface.OnClickListener() {
+                        public void onClick(DialogInterface dialog,int id) {
+                            // if this button is clicked, close
+                            // current activity
+                            dialog.cancel();
+                        }
+                    });
+
+            // create alert dialog
+            AlertDialog alertDialog = alertDialogBuilder.create();
+
+            // show it
+            alertDialog.show();
+
+            return true;
+        }
+
+
+        if (id == R.id.action_exit){
+            finish();
+        }
+
+
+        return super.onOptionsItemSelected(item);
+    }
+
+}
diff --git a/README.md b/README.md
index 5b3329e5c..0a863fd48 100644
--- a/README.md
+++ b/README.md
@@ -2,8 +2,33 @@
 The [OWASP Security Shepherd Project](http://bit.ly/owaspSecurityShepherd) is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or experienced engineers and sharpen their penetration testing skill set to security expert status.
   
 # Where can I download Security Shepherd?
+
+### Virtual Machine or Manual Setup
 You can download Security Shepherd VM's or Manual Installation Packs from [SourceForge](http://bit.ly/1JbtQtP)
 
+### Docker
+There is also a docker image available from [Dockerhub](https://hub.docker.com/r/owasp/security-shepherd/) you can pull it down with  
+`docker pull owasp/security-shepherd` 
+
+Note: You'll need to get a shell on your docker container and run mysql and tomcat manually;  
+```BASH 
+docker run -i -p 80:80 -p 443:443 -t owasp/security-shepherd /bin/bash
+```
+```BASH 
+/usr/bin/mysqld_safe &
+service tomcat7 start
+```  
+If you don't have ```authbind``` installed and configured on your host machine e.g. on Ubuntu you'll need to do the following;  
+```BASH
+sudo apt-get install authbind   
+touch /etc/authbind/byport/80  
+touch /etc/authbind/byport/443  
+chmod 550 /etc/authbind/byport/80  
+chmod 550 /etc/authbind/byport/443  
+chown tomcat7 /etc/authbind/byport/80  
+chown tomcat7 /etc/authbind/byport/443  
+```
+
 # How do I setup Security Shepherd?
 We've got fully automated and step by step walkthroughs on our [wiki page](https://github.com/markdenihan/owaspSecurityShepherd/wiki) to help you get Security Shepherd up and running.
   
diff --git a/SecurityShepherdCore/.classpath b/SecurityShepherdCore/.classpath
index 61c691341..932d569f8 100644
--- a/SecurityShepherdCore/.classpath
+++ b/SecurityShepherdCore/.classpath
@@ -1,21 +1,24 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
-	<classpathentry kind="src" path="src"/>
-	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
-	<classpathentry kind="lib" path="lib/mail.jar"/>
-	<classpathentry kind="lib" path="lib/esapi-2.0.1.jar"/>
-	<classpathentry kind="lib" path="lib/log4j-1.2.7.jar"/>
-	<classpathentry kind="lib" path="lib/servlet-api.jar"/>
-	<classpathentry kind="lib" path="lib/commons-codec-1.6.jar"/>
-	<classpathentry kind="lib" path="lib/json_simple-1.1.jar"/>
-	<classpathentry kind="lib" path="lib/serializer.jar"/>
-	<classpathentry kind="lib" path="lib/resolver.jar"/>
-	<classpathentry kind="lib" path="lib/xercesImpl.jar"/>
-	<classpathentry kind="lib" path="lib/xml-apis.jar"/>
-	<classpathentry kind="lib" path="lib/nekohtml.jar"/>
-	<classpathentry kind="lib" path="lib/org.json-20120521.jar"/>
-	<classpathentry kind="lib" path="lib/jtidy-r938.jar"/>
-	<classpathentry kind="lib" path="lib/jsoup-1.8.2.jar"/>
-	<classpathentry kind="lib" path="lib/mongo-java-driver-2.13.2.jar"/>
-	<classpathentry kind="output" path="bin"/>
-</classpath>
+<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+	<classpathentry kind="src" path="src"/>
+	<classpathentry kind="src" path="test"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/>
+	<classpathentry kind="lib" path="lib/mail.jar"/>
+	<classpathentry kind="lib" path="lib/esapi-2.0.1.jar"/>
+	<classpathentry kind="lib" path="lib/log4j-1.2.7.jar"/>
+	<classpathentry kind="lib" path="lib/servlet-api.jar"/>
+	<classpathentry kind="lib" path="lib/commons-codec-1.6.jar"/>
+	<classpathentry kind="lib" path="lib/json_simple-1.1.jar"/>
+	<classpathentry kind="lib" path="lib/serializer.jar"/>
+	<classpathentry kind="lib" path="lib/resolver.jar"/>
+	<classpathentry kind="lib" path="lib/xercesImpl.jar"/>
+	<classpathentry kind="lib" path="lib/xml-apis.jar"/>
+	<classpathentry kind="lib" path="lib/nekohtml.jar"/>
+	<classpathentry kind="lib" path="lib/org.json-20120521.jar"/>
+	<classpathentry kind="lib" path="lib/jtidy-r938.jar"/>
+	<classpathentry kind="lib" path="lib/jsoup-1.8.2.jar"/>
+	<classpathentry kind="lib" path="lib/mongo-java-driver-2.13.2.jar"/>
+	<classpathentry kind="lib" path="lib/mysql-connector-java-5.1.18-bin.jar"/>
+	<classpathentry kind="con" path="org.eclipse.jdt.junit.JUNIT_CONTAINER/4"/>
+	<classpathentry kind="output" path="bin"/>
+</classpath>
diff --git a/SecurityShepherdCore/database/coreSchema.sql b/SecurityShepherdCore/database/coreSchema.sql
index 8e30a5c92..2c7b21718 100644
--- a/SecurityShepherdCore/database/coreSchema.sql
+++ b/SecurityShepherdCore/database/coreSchema.sql
@@ -15,7 +15,7 @@ SELECT "Creating Tables" FROM DUAL;
 -- -----------------------------------------------------
 CREATE  TABLE IF NOT EXISTS `core`.`class` (
   `classId` VARCHAR(64) NOT NULL ,
-  `className` VARCHAR(32) NOT NULL ,
+  `className` VARCHAR(32) NOT NULL UNIQUE,
   `classYear` VARCHAR(5) NOT NULL ,
   PRIMARY KEY (`classId`) )
 ENGINE = InnoDB;
@@ -152,25 +152,7 @@ END
 $$
 
 DELIMITER ;
--- -----------------------------------------------------
--- procedure userLocked
--- -----------------------------------------------------
-
-DELIMITER $$
-USE `core`$$
-CREATE PROCEDURE `core`.`userLocked` (IN theName VARCHAR(32))
-BEGIN
-DECLARE theDate DATETIME;
-COMMIT;
-SELECT NOW() FROM DUAL INTO theDate;
-SELECT userName FROM `users` 
-    WHERE userName = theName
-    AND theDate > suspendedUntil;
-END
-
-$$
 
-DELIMITER ;
 -- -----------------------------------------------------
 -- procedure userLock
 -- -----------------------------------------------------
@@ -319,8 +301,10 @@ CREATE PROCEDURE `core`.`userCreate` (IN theClassId VARCHAR(64), IN theUserName
 BEGIN
     DECLARE theId VARCHAR(64);
     DECLARE theClassCount INT;    
-    
+    DECLARE theDate DATETIME;
+
     COMMIT;
+    SELECT NOW() FROM DUAL INTO theDate;
     -- If (Valid User Type) AND (classId = null or (Valid Class Id)) Then create user
     IF (theUserRole = 'player' OR theUserRole = 'admin') THEN
         IF (theClassId != null) THEN
@@ -337,7 +321,7 @@ BEGIN
             currVal = currVal + 1
             WHERE tableName = 'users';
         COMMIT;
-        SELECT SHA(CONCAT(currVal, tableName)) FROM sequence
+        SELECT SHA(CONCAT(currVal, tableName, theDate)) FROM sequence
             WHERE tableName = 'users'
             INTO theId;
         
@@ -423,7 +407,7 @@ COMMIT;
 SELECT NOW() FROM DUAL INTO theDate;
 UPDATE users SET
     userPass = SHA2(newPassword, 512),
-    tempPassword = FALSE
+    tempPassword = TRUE
     WHERE userId = theUserId;
 COMMIT;
 END
@@ -448,7 +432,6 @@ BEGIN
     SELECT SHA(CONCAT(currVal, tableName)) FROM sequence
         WHERE tableName = 'users'
         INTO theId;
-    
     INSERT INTO class VALUES (theId, theClassName, theClassYear);
 END
 
@@ -710,6 +693,22 @@ $$
 
 DELIMITER ;
 
+-- -----------------------------------------------------
+-- procedure moduleGetNameLocale
+-- -----------------------------------------------------
+
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`moduleGetNameLocale` (IN theModuleId VARCHAR(64))
+BEGIN
+COMMIT;
+SELECT moduleNameLangPointer, moduleName FROM modules
+    WHERE moduleId = theModuleId;
+END
+
+$$
+
+DELIMITER ;
 -- -----------------------------------------------------
 -- procedure userUpdateResult
 -- -----------------------------------------------------
@@ -961,6 +960,38 @@ $$
 
 DELIMITER ;
 
+-- -----------------------------------------------------
+-- procedure userGetIdByName
+-- -----------------------------------------------------
+
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`userGetIdByName` (IN theUserName VARCHAR(64))
+BEGIN
+COMMIT;
+SELECT userId FROM users
+    WHERE userName = theUserName;
+END
+$$
+
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- procedure userClassId
+-- -----------------------------------------------------
+
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`userClassId` (IN theUserName VARCHAR(64))
+BEGIN
+COMMIT;
+SELECT classId FROM users
+    WHERE userName = theUserName;
+END
+$$
+
+DELIMITER ;
+
 -- -----------------------------------------------------
 -- procedure userBadSubmission
 -- -----------------------------------------------------
@@ -1366,7 +1397,7 @@ INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleT
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('408610f220b4f71f7261207a17055acbffb8a747', 'SQL Injection', 'sql.injection', 'lesson', 'Injection', 'injection', '3c17f6bf34080979e0cebda5672e989c07ceec9fa4ee7b7c17c9e3ce26bc63e0', 'e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594', 'open', '55', '30', '5', 1);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('891a0208a95f1791287be721a4b851d4c584880a', 'Insecure Cryptographic Storage Challenge 1', 'insecure.cryptographic.storage.challenge.1', 'challenge', 'Insecure Cryptographic Storage', 'insecure.cryptographic.storage', 'mylovelyhorserunningthroughthefieldwhereareyougoingwithyourbiga', 'x9c408d23e75ec92495e0caf9a544edb2ee8f624249f3e920663edb733f15cd7', 'open', '65', '35', '5', 1);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4', 'Insecure Direct Object Reference Challenge 1', 'insecure.direct.object.reference.challenge.1', 'challenge', 'Insecure Direct Object References', 'insecure.direct.object.references', 'dd6301b38b5ad9c54b85d07c087aebec89df8b8c769d4da084a55663e6186742', 'o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c', 'open', '66', '35', '5', 1);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('6be5de81223cc1b38b6e427cc44f8b6a28d2bc96', 'Poor Data Validation 1', 'poor.data.validation.1', 'challenge', 'Poor Data  Validation', 'poor.data.validation', 'd30475881612685092e5ec469317dcc5ccc1f548a97bfdb041236b5bba7627bf', 'ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e', 'open', '67', '35', '5', 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('6be5de81223cc1b38b6e427cc44f8b6a28d2bc96', 'Poor Data Validation 1', 'poor.data.validation.1', 'challenge', 'Poor Data Validation', 'poor.data.validation', 'd30475881612685092e5ec469317dcc5ccc1f548a97bfdb041236b5bba7627bf', 'ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e', 'open', '67', '35', '5', 0);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('544aa22d3dd16a8232b093848a6523b0712b23da', 'SQL Injection 1', 'sql.injection.1', 'challenge', 'Injection', 'injection', 'fd8e9a29dab791197115b58061b215594211e72c1680f1eacc50b0394133a09f', 'e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a', 'open', '68', '35', '5', 1);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('2ab09c0c18470ae5f87d219d019a1f603e66f944', 'Reverse Engineering', 'reverse.engineering', 'lesson', 'Mobile Reverse Engineering', 'mobile.reverse.engineering', 'DrumaDrumaDrumBoomBoom', '19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9', 'open', '75', '40', '5', 1);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d', 'Session Management Challenge 1', 'session.management.challenge.1', 'challenge', 'Session Management', 'session.management', 'db7b1da5d7a43c7100a6f01bb0c', 'dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a', 'open', '75', '40', '5', 0);
@@ -1411,7 +1442,7 @@ INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleT
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('63bc4811a2e72a7c833962e5d47a41251cd90de3', 'Broken Crypto 2', 'broken.crypto.2', 'challenge', 'Mobile Broken Crypto', 'mobile.broken.crypto', 'DancingRobotChilliSauce', 'fb5c9ce0f5539b737e534fd317befff7427f6610ed626dfd43abf35295f106bc', 'open', '149', '75', '5', 1);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('e635fce334aa61fdaa459c21c286d6332eddcdd3', 'Client Side Injection 2', 'client.side.injection.2', 'challenge', 'Mobile Injection', 'mobile.injection', 'BurpingChimneys', 'cfe68711def42bb0b201467b859322dd2750f633246842280dc68c858d208425', 'open', '155', '80', '5', 1);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('0a37cb9296ff3763f7f3a45ff313bce47afa9384', 'CSRF 5', 'csrf.5', 'challenge', 'CSRF', 'csrf', '8f34078ef3e53f619618d9def1ede8a6a9117c77c2fad22f76bba633da83e6d4', '70b96195472adf3bf347cbc37c34489287969d5ba504ac2439915184d6e5dc49', 'open', '156', '80', '5', 0);
-INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3', 'Poor Data Validation 2', 'poor.data.validation.2', 'challenge', 'Poor Data  Validation', 'poor.data.validation', '05adf1e4afeb5550faf7edbec99170b40e79168ecb3a5da19943f05a3fe08c8e', '20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5', 'open', '157', '80', '5', 0);
+INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3', 'Poor Data Validation 2', 'poor.data.validation.2', 'challenge', 'Poor Data Validation', 'poor.data.validation', '05adf1e4afeb5550faf7edbec99170b40e79168ecb3a5da19943f05a3fe08c8e', '20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5', 'open', '157', '80', '5', 0);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c', 'Poor Authentication 1', 'poor.authentication.1', 'challenge', 'Mobile Poor Authentication', 'mobile.poor.authentication', 'MegaKillerExtremeCheese', 'efa08298fc6a4add4b9a4bbdbbbb18ac934667971fa275bd7d234589bd8a8467', 'open', '160', '60', '5', 1);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('c7ac1e05faa2d4b1016cfcc726e0689419662784', 'Failure to Restrict URL Access 2', 'failure.to.restrict.url.access.2', 'challenge', 'Failure to Restrict URL Access', 'failure.to.restrict.url.access', '40b675e3d404c52b36abe31d05842b283975ec62e8', '278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa', 'open', '165', '85', '5', 0);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('fccf8e4d5372ee5a73af5f862dc810545d19b176', 'Cross Site Scripting 5', 'cross.site.scripting.5', 'challenge', 'XSS', 'xss', '7d7cc278c30cca985ab027e9f9e09e2f759e5a3d1f63293', 'f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671', 'open', '166', '85', '5', 0);
diff --git a/SecurityShepherdCore/database/moduleSchemas.sql b/SecurityShepherdCore/database/moduleSchemas.sql
index 030882990..89b6a3c0c 100644
--- a/SecurityShepherdCore/database/moduleSchemas.sql
+++ b/SecurityShepherdCore/database/moduleSchemas.sql
@@ -1,1351 +1,1374 @@
-/*
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- */
- 
- 
--- Script used to create all of the schemas on the vulnerable database server
-
-DELIMITER ;
-
--- ======================================================
--- SQL Lesson
--- ======================================================
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `SqlInjLesson`;
-CREATE SCHEMA IF NOT EXISTS `SqlInjLesson` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `SqlInjLesson` ;
-
--- -----------------------------------------------------
--- Table `SqlInjLesson`.`tb_users`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SqlInjLesson`.`tb_users` (
-  `usersId` INT NOT NULL AUTO_INCREMENT ,
-  `username` VARCHAR(64) NOT NULL ,
-  `comment` LONGTEXT NULL ,
-  PRIMARY KEY (`usersId`) )
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `SqlInjLesson`.`tb_users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SqlInjLesson`;
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (14232, 'Mark Denihan', 'This guy wrote this application');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (61523, 'Cloud', 'Has a Big Sword');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (12543, 'Fred Mtenzi', 'A lecturer in DIT Kevin Street');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (82642, 'qw!dshs@ab', 'Lesson Completed. The result key is 3c17f6bf34080979e0cebda5672e989c07ceec9fa4ee7b7c17c9e3ce26bc63e0');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (12345, 'user', 'Try Adding some SQL Code');
-INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (12346, 'OR 1 = 1', 'Your Close, You need to escape the string with an apostraphe so that your code is interpreted');
-
-COMMIT;
-
--- ======================================================
--- SQL Challenge Two (email)
--- ======================================================
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `SqlChalEmail` ;
-CREATE SCHEMA IF NOT EXISTS `SqlChalEmail` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `SqlChalEmail` ;
-
--- -----------------------------------------------------
--- Table `SqlChalEmail`.`customers`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `SqlChalEmail`.`customers` (
-  `customerId` VARCHAR(64) NOT NULL ,
-  `customerName` VARCHAR(32) NOT NULL ,
-  `customerAddress` VARCHAR(32) NOT NULL ,
-  `comment` LONGTEXT NULL ,
-  PRIMARY KEY (`customerId`) )
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `SqlChalEmail`.`customers`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SqlChalEmail`;
-INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
-INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'thenightbefore@example.com', 'Well Done! The Result key is f62abebf5658a6a44c5c9babc7865110c62f5ecd9d0a7052db48c4dbee0200e3');
-INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
-INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', NULL);
-
-COMMIT;
-
--- ======================================================
--- SQL Challenge 1
--- ======================================================
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-CREATE SCHEMA IF NOT EXISTS `SqlChalOne` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `SqlChalOne` ;
-
--- -----------------------------------------------------
--- Table `SqlChalOne`.`customers`
--- -----------------------------------------------------
-DROP TABLE IF EXISTS `SqlChalOne`.`customers` ;
-
-CREATE  TABLE IF NOT EXISTS `SqlChalOne`.`customers` (
-  `customerId` VARCHAR(64) NOT NULL ,
-  `customerName` VARCHAR(32) NOT NULL ,
-  `customerAddress` VARCHAR(32) NOT NULL ,
-  `comment` LONGTEXT NULL ,
-  PRIMARY KEY (`customerId`) )
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `SqlChalOne`.`customers`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SqlChalOne`;
-INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
-INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'thenightbefore@example.com', NULL);
-INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
-INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', 'Well Done! The reuslt Key is fd8e9a29dab791197115b58061b215594211e72c1680f1eacc50b0394133a09f');
-
-COMMIT;
-
--- ======================================================
--- SQL Challenge 3
--- ======================================================
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-CREATE SCHEMA IF NOT EXISTS `SqlChalThree` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `SqlChalThree` ;
-
--- -----------------------------------------------------
--- Table `SqlChalThree`.`customers`
--- -----------------------------------------------------
-DROP TABLE IF EXISTS `SqlChalThree`.`customers` ;
-
-CREATE  TABLE IF NOT EXISTS `SqlChalThree`.`customers` (
-  `customerId` VARCHAR(64) NOT NULL ,
-  `customerName` VARCHAR(32) NOT NULL ,
-  `creditCardNumber` VARCHAR(19) NOT NULL ,
-  `creditCardExp` VARCHAR(5) NOT NULL ,
-  `creditCardSecurityNumber` VARCHAR(3) NOT NULL ,
-  PRIMARY KEY (`customerId`) )
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `SqlChalThree`.`customers`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SqlChalThree`;
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('ef322ce991de1a890470ad94001e2b83b9266334', 'John Doe', '8454 1244 4712 2144', '12/13', '452');
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('92cb640f60e2c9ea11cf89ef2c87d442dc3fa345', 'Jason McCoy', '5468 1763 1854 1451', '12/13', '285');
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('8d6588bbfe4ac5b52ebf452dfc5cefe934b788ae', 'Mark Denihan', '1245 2514 2315 2147', '09/20', '745');
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('b8811379df47b10b59b717942b8d2aaafeb8f0f8', 'Mary Martin', '9815 1547 3214 7569', '11/14', '987');
-INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('cef8433dc9f4e532999fd7767eaaf7ab620fd94d', 'Joseph McDonnell', '9175 1244 4758 8854', '12/13', '653');
-
-COMMIT;
-
--- ======================================================
--- Broken Authentication and Session Management Challenge 2
--- ======================================================
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalTwo` ;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalTwo` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `BrokenAuthAndSessMangChalTwo` ;
-
--- -----------------------------------------------------
--- Table `BrokenAuthAndSessMangChalTwo`.`users`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalTwo`.`users` (
-  `userId` INT NOT NULL ,
-  `userName` VARCHAR(32) NOT NULL ,
-  `userPassword` VARCHAR(128) NOT NULL ,
-  `userAddress` VARCHAR(128) NOT NULL ,
-  PRIMARY KEY (`userId`) )
-ENGINE = InnoDB;
-
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `BrokenAuthAndSessMangChalTwo`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `BrokenAuthAndSessMangChalTwo`;
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com');
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com');
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com');
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (634, 'superuser', 'default', 'superman@security.com');
-INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com');
-
-COMMIT;
-
--- ======================================================
--- BrokenAuthAndSessMangChalThree
--- ======================================================
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalThree` ;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalThree` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `BrokenAuthAndSessMangChalThree`;
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-
--- -----------------------------------------------------
--- Table `BrokenAuthAndSessMangChalThree`.`users`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalThree`.`users` (
-  `userId` INT NOT NULL ,
-  `userName` VARCHAR(32) NOT NULL ,
-  `userPassword` VARCHAR(128) NOT NULL ,
-  `userAddress` VARCHAR(128) NOT NULL ,
-  `userRole` VARCHAR(8) NOT NULL DEFAULT 'guest' ,
-  PRIMARY KEY (`userId`) )
-ENGINE = InnoDB;
-
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `BrokenAuthAndSessMangChalThree`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `BrokenAuthAndSessMangChalThree`;
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (634, 'superuser', 'default', 'superman@security.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (40, 'guest1', 'default', 'guest1@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (41, 'guest2', 'default', 'guest2@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (42, 'guest3', 'default', 'guest3@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (43, 'guest4', 'default', 'guest4@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (44, 'guest5', 'default', 'guest5@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (45, 'guest6', 'default', 'guest6@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (46, 'guest7', 'default', 'guest7@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (47, 'guest8', 'default', 'guest8@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (48, 'guest9', 'guest', 'guest9@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (49, 'guest11', 'guest', 'guest11@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (50, 'guest12', 'guest', 'guest12@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (51, 'guest13', 'guest', 'guest13@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (52, 'guest14', 'guest', 'guest14@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (53, 'guest15', 'guest', 'guest15@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (54, 'guest16', 'guest', 'guest16@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (55, 'guest17', 'guest', 'guest17@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (56, 'guest18', 'guest', 'guest18@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (57, 'guest19', 'guest', 'guest19@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (58, 'guest20', 'guest', 'guest20@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (59, 'guest21', 'guest', 'guest21@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (60, 'guest22', 'guest', 'guest22@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (61, 'guest23', 'guest', 'guest23@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (62, 'guest10', 'guest', 'guest10@guest.com', 'guest');
-
-COMMIT;
-
--- ======================================================
--- directObjectRefChalOne
--- ======================================================
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `directObjectRefChalOne` ;
-CREATE SCHEMA IF NOT EXISTS `directObjectRefChalOne` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `directObjectRefChalOne` ;
-
--- -----------------------------------------------------
--- Table `directObjectRefChalOne`.`users`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `directObjectRefChalOne`.`users` (
-  `userId` VARCHAR(32) NOT NULL ,
-  `userName` VARCHAR(32) NOT NULL ,
-  `privateMessage` MEDIUMTEXT NOT NULL ,
-  PRIMARY KEY (`userId`) )
-ENGINE = InnoDB;
-
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `directObjectRefChalOne`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `directObjectRefChalOne`;
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('1', 'Paul Bourke', 'No Message Set');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('3', 'Will Bailey', 'I love Go Karting');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('5', 'Orla Cleary', 'As if!');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('7', 'Ronan Fitzpatrick', 'I have retired');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('9', 'Pat McKenana', 'I have a car!');
-INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('11', 'Hidden User', 'Result Key is <a>dd6301b38b5ad9c54b85d07c087aebec89df8b8c769d4da084a55663e6186742</a>');
-
-COMMIT;
-
--- ======================================================
--- directObjectRefChalTwo
--- ======================================================
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `directObjectRefChalTwo` ;
-CREATE SCHEMA IF NOT EXISTS `directObjectRefChalTwo` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `directObjectRefChalTwo` ;
-
--- -----------------------------------------------------
--- Table `directObjectRefChalTwo`.`users`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `directObjectRefChalTwo`.`users` (
-  `userId` VARCHAR(32) NOT NULL ,
-  `userName` VARCHAR(32) NOT NULL ,
-  `privateMessage` MEDIUMTEXT NOT NULL ,
-  PRIMARY KEY (`userId`) )
-ENGINE = InnoDB;
-
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `directObjectRefChalTwo`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `directObjectRefChalTwo`;
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('c81e728d9d4c2f636f067f89cc14862c', 'Joe Sullivan', 'I was going to set a message, but then I decided not to.');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('eccbc87e4b5ce2fe28308fd9f2a7baf3', 'Will Bailey', 'I love Go Karting');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('e4da3b7fbbce2345d7772b0674a318d5', 'Orla Cleary', 'As if Im going to set a message. Who knows who could read it!');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('8f14e45fceea167a5a36dedd4bea2543', 'Ronan Fitzpatrick', 'I have retired');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('6512bd43d9caa6e02c990b0a82652dca', 'Pat McKenana', 'I have a car!');
-INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('c51ce410c124a10e0db5e4b97fc2af39', 'Hidden User', 'Result Key is <a>1f746b87a4e3628b90b1927de23f6077abdbbb64586d3ac9485625da21921a0f</a>');
-
-COMMIT;
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-
-DROP SCHEMA IF EXISTS `SQLiC5Shop` ;
-CREATE SCHEMA IF NOT EXISTS `SQLiC5Shop` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
-USE `SQLiC5Shop` ;
-
--- -----------------------------------------------------
--- Table `SQLiC5Shop`.`items`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`items` (
-  `itemId` INT NOT NULL,
-  `itemName` VARCHAR(45) NULL,
-  `itemCost` INT NULL,
-  PRIMARY KEY (`itemId`))
-ENGINE = InnoDB;
-
--- -----------------------------------------------------
--- Table `SQLiC5Shop`.`coupons`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`coupons` (
-  `couponId` INT NOT NULL,
-  `perCentOff` INT NULL,
-  `couponCode` VARCHAR(128) NULL,
-  `itemId` INT NOT NULL,
-  PRIMARY KEY (`couponId`),
-  INDEX `fk_coupons_items_idx` (`itemId` ASC),
-  CONSTRAINT `fk_coupons_items`
-    FOREIGN KEY (`itemId`)
-    REFERENCES `SQLiC5Shop`.`items` (`itemId`)
-    ON DELETE NO ACTION
-    ON UPDATE NO ACTION)
-ENGINE = InnoDB;
-
--- -----------------------------------------------------
--- Table `SQLiC5Shop`.`vipCoupons`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`vipCoupons` (
-  `vipCouponId` INT NOT NULL,
-  `perCentOff` INT NULL,
-  `couponCode` VARCHAR(128) NULL,
-  `itemId` INT NOT NULL,
-  PRIMARY KEY (`vipCouponId`),
-  INDEX `fk_vipCoupons_items1_idx` (`itemId` ASC),
-  CONSTRAINT `fk_vipCoupons_items1`
-    FOREIGN KEY (`itemId`)
-    REFERENCES `SQLiC5Shop`.`items` (`itemId`)
-    ON DELETE NO ACTION
-    ON UPDATE NO ACTION)
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `SQLiC5Shop`.`items`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SQLiC5Shop`;
-INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (1, 'MeGusta', 30);
-INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (2, 'Troll', 3000);
-INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (3, 'Rage', 45);
-INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (4, 'NotBad', 15);
-
-COMMIT;
-
--- -----------------------------------------------------
--- Data for table `SQLiC5Shop`.`coupons`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SQLiC5Shop`;
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (1, 100, 'PleaseTakeARage', 3);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (2, 100, 'RageMemeForFree', 3);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (3, 10, 'PleaseTakeATroll', 2);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (4, 50, 'HalfOffTroll', 2);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (5, 10, 'PleaseTakeANotBad', 4);
-INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (6, 50, 'HalfOffNotBad', 4);
-
-COMMIT;
-
--- -----------------------------------------------------
--- Data for table `SQLiC5Shop`.`vipCoupons`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SQLiC5Shop`;
-INSERT INTO `SQLiC5Shop`.`vipCoupons` (`vipCouponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (861267, 100, 'spcil\/|Pse3cr3etCouponStu.f4rU176', 2);
-
-COMMIT;
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-
-DROP SCHEMA IF EXISTS `SqlChalFourSuperSecure` ;
-CREATE SCHEMA IF NOT EXISTS `SqlChalFourSuperSecure` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
-USE `SqlChalFourSuperSecure` ;
-
--- ======================================================
--- SQL Injection Challenge 4
--- ======================================================
-
--- -----------------------------------------------------
--- Table `SqlChalFourSuperSecure`.`users`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SqlChalFourSuperSecure`.`users` (
-  `idusers` INT NOT NULL AUTO_INCREMENT,
-  `userName` VARCHAR(45) NOT NULL,
-  `userPassword` VARCHAR(45) NOT NULL,
-  PRIMARY KEY (`idusers`),
-  UNIQUE INDEX `userName_UNIQUE` (`userName` ASC))
-ENGINE = InnoDB;
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `SqlChalFourSuperSecure`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SqlChalFourSuperSecure`;
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (1, 'adam', '87i2ueeu2ndsedssda');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (2, 'player', '87iueeundsedssda');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (3, 'user', 'password');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (4, 'mark', 'password');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (5, 'sean', 'password');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (6, 'denihan', 'password');
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (7, 'admin', "98y\'98hsadsoi!111,.,22ee");
-INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (8, 'duggan', 'password');
-
-COMMIT;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- SqlChalSix Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-
-DROP SCHEMA IF EXISTS `SqlChalSix` ;
-CREATE SCHEMA IF NOT EXISTS `SqlChalSix` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
-USE `SqlChalSix` ;
-
--- -----------------------------------------------------
--- Table `SqlChalSix`.`users`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `SqlChalSix`.`users` (
-  `idusers` INT NOT NULL,
-  `userName` VARCHAR(45) NOT NULL,
-  `userPin` VARCHAR(16) NOT NULL,
-  `userQuestion` VARCHAR(128) NOT NULL,
-  `userAnswer` VARCHAR(256) NOT NULL,
-  `userAge` VARCHAR(16) NOT NULL,
-  PRIMARY KEY (`idusers`))
-ENGINE = InnoDB;
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `SqlChalSix`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SqlChalSix`;
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (1, 'George', '8367', 'What is your favourite Flower', 'A Red Rose', '23');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (2, 'Brendan', '4685', 'What is the answer to this level?', '17f999a8b3fbfde54124d6e94b256a264652e5087b14622e1644c884f8a33f82', '98');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (3, 'Sean', '1254', 'Your favourite Viking', 'Thor', '25');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (4, 'Anthony', '7844', 'What game do I suck at?', 'All of the games', '84');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (5, 'Owen', '4648', 'Favourite Sandwhich Topping', 'Peanutbutter', '33');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (6, 'Eoin', '2653', 'Where did I holiday in the summer of 69?', 'The Dark Side of the Moon', '12');
-INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (7, 'David', '3598', 'This is how we get ants', "Don\'t get me started", '6');
-
-COMMIT;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- csrfChallengeEnumTokens Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-
-DROP SCHEMA IF EXISTS `csrfChallengeEnumTokens` ;
-CREATE SCHEMA IF NOT EXISTS `csrfChallengeEnumTokens` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
-USE `csrfChallengeEnumTokens` ;
-
--- -----------------------------------------------------
--- Table `csrfChallengeEnumTokens`.`csrfTokens`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `csrfChallengeEnumTokens`.`csrfTokens` (
-  `userId` VARCHAR(64) NOT NULL,
-  `csrfTokenscol` VARCHAR(256) NULL,
-  PRIMARY KEY (`userId`))
-ENGINE = InnoDB;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- csrfChallengeFour Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-
-DROP SCHEMA IF EXISTS `csrfChallengeFour` ;
-CREATE SCHEMA IF NOT EXISTS `csrfChallengeFour` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
-USE `csrfChallengeFour` ;
-
--- -----------------------------------------------------
--- Table `csrfChallengeFour`.`csrfTokens`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `csrfChallengeFour`.`csrfTokens` (
-  `userId` VARCHAR(64) NOT NULL,
-  `csrfTokenscol` VARCHAR(256) NULL,
-  PRIMARY KEY (`userId`))
-ENGINE = InnoDB;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- BrokenAuthAndSessMangChalFive Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalFive` ;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalFive` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `BrokenAuthAndSessMangChalFive`;
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-
--- -----------------------------------------------------
--- Table `BrokenAuthAndSessMangChalFive`.`users`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalFive`.`users` (
-  `userId` INT NOT NULL ,
-  `userName` VARCHAR(32) NOT NULL ,
-  `userPassword` VARCHAR(128) NOT NULL ,
-  `userAddress` VARCHAR(128) NOT NULL ,
-  `userRole` VARCHAR(8) NOT NULL DEFAULT 'guest' ,
-  PRIMARY KEY (`userId`) )
-ENGINE = InnoDB;
-
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `BrokenAuthAndSessMangChalFive`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `BrokenAuthAndSessMangChalFive`;
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (634, 'superuser', 'default', 'superman@security.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com', 'admin');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (40, 'guest1', 'default', 'guest1@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (41, 'guest2', 'default', 'guest2@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (42, 'guest3', 'default', 'guest3@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (43, 'guest4', 'default', 'guest4@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (44, 'guest5', 'default', 'guest5@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (45, 'guest6', 'default', 'guest6@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (46, 'guest7', 'default', 'guest7@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (47, 'guest8', 'default', 'guest8@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (48, 'guest9', 'guest', 'guest9@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (49, 'guest11', 'guest', 'guest11@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (50, 'guest12', 'guest', 'guest12@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (51, 'guest13', 'guest', 'guest13@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (52, 'guest14', 'guest', 'guest14@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (53, 'guest15', 'guest', 'guest15@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (54, 'guest16', 'guest', 'guest16@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (55, 'guest17', 'guest', 'guest17@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (56, 'guest18', 'guest', 'guest18@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (57, 'guest19', 'guest', 'guest19@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (58, 'guest20', 'guest', 'guest20@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (59, 'guest21', 'guest', 'guest21@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (60, 'guest22', 'guest', 'guest22@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (61, 'guest23', 'guest', 'guest23@guest.com', 'guest');
-INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (62, 'guest10', 'guest', 'guest10@guest.com', 'guest');
-
-COMMIT;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- Session Management Challenge Six Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalSix` ;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalSix` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `BrokenAuthAndSessMangChalSix` ;
-
--- -----------------------------------------------------
--- Table `BrokenAuthAndSessMangChalSix`.`users`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalSix`.`users` (
-  `userId` INT NOT NULL ,
-  `userName` VARCHAR(32) NOT NULL ,
-  `userPassword` VARCHAR(128) NOT NULL ,
-  `userAddress` VARCHAR(128) NOT NULL ,
-  `secretQuestion` VARCHAR(256) NOT NULL ,
-  `secretAnswer` VARCHAR(128) NOT NULL, 
-  PRIMARY KEY (`userId`) )
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `BrokenAuthAndSessMangChalSix`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `BrokenAuthAndSessMangChalSix`;
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1224, 'manager', 		'!148972hsfalkjlkfi381', 'zoidberg23@shepherd.com',	'What is the first name of the person you first kissed?', 'Lena Andrysiak');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1225, 'sean',	 		'!148972hsfalkjlkfi381', 'zoidberg24@shepherd.com',	'What is the first name of the person you first kissed?', 'Ronit Tornincasa');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3214, 'administrator', 	'!148972hsfalkjlkfi381', 'buzzthebald@shepherd.com','What is the last name of the teacher who gave you your first failing grade?', 'Aran Keegan');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3212, 'root', 			'!148972hsfalkjlkfi381', 'elitehacker@shepherd.com','What is the name of the place your wedding reception was held?', 'Deerburn Hotel');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6344, 'superuser', 		'!148972hsfalkjlkfi381', 'superman@security.com',	'Who was the first person to beat you up when you were 8 years old?', 'Lileas Lockwood');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (4524, 'privileged', 		'1489!72hsfalkjlkfi381', 'spoiltbrat@security.com',	'What was the name of the person who stole your TV the second time?', 'Olwen Sordi');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6343, 'mark', 			'148!972hsfalkjlkfi381', 'superman2@security.com',	'Who is your favourite Barista?', 'Buzz Fendall');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6342, 'markdenihan', 	'148!972hsfalkjlkfi381', 'superman3@security.com',	'Who is your most favourite person you have not met?', 'Etna Filippi');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6341, 'seanduggan', 		'148972!hsfalkjlkfi381', 'superman4@security.com',	'Who is your most favourite person you have not met?', 'Emily Fabian');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6551, 'rootuser', 		'14897!2hsfalkjlkfi381', 'superman6@security.com',	'Who is your most favourite person you have not met?', 'Leola Naggia');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6552, 'adminuser', 		'1489!72hsfalkjlkfi381', 'superman7@security.com',	'Who is your most favourite person you have not met?', 'Gladys Gabrielli');
-INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6559, 'shepherd', 		'148972hsfalk!jlkfi381', 'superman8@security.com',	'Who is your most favourite person you have not met?', 'Morag Bristol');
-
-COMMIT;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- Session Management Challenge Seven Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalSeven` ;
-CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalSeven` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `BrokenAuthAndSessMangChalSeven` ;
-
--- -----------------------------------------------------
--- Table `BrokenAuthAndSessMangChalSeven`.`users`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalSeven`.`users` (
-  `userId` INT NOT NULL ,
-  `userName` VARCHAR(32) NOT NULL ,
-  `userPassword` VARCHAR(128) NOT NULL ,
-  `userAddress` VARCHAR(128) NOT NULL ,
-  `secretQuestion` VARCHAR(256) NOT NULL ,
-  `secretAnswer` VARCHAR(128) NOT NULL, 
-  PRIMARY KEY (`userId`) )
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `BrokenAuthAndSessMangChalSeven`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `BrokenAuthAndSessMangChalSeven`;
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1224, 'manager', 		'!148972hsfalkjlkfi381', 'zoidberg23@shepherd.com',		'What is your favourite flower?', 'Jade Vine');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1225, 'sean',	 		'!148972hsfalkjlkfi381', 'zoidberg24@shepherd.com',		'What is your favourite flower?', 'Corpse Flower');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3214, 'administrator', 	'!148972hsfalkjlkfi381', 'buzzthebald@shepherd.com','What is your favourite flower?', 'Gibraltar Campion');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3212, 'root', 			'!148972hsfalkjlkfi381', 'elitehacker@shepherd.com',	'What is your favourite flower?', 'Franklin Tree');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6344, 'superuser', 		'!148972hsfalkjlkfi381', 'superman@security.com',	'What is your favourite flower?', 'Jade Vine');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (4524, 'privileged', 		'1489!72hsfalkjlkfi381', 'spoiltbrat@security.com',	'What is your favourite flower?', 'Middlemist Red');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6343, 'mark', 			'148!972hsfalkjlkfi381', 'superman2@security.com',		'What is your favourite flower?', 'Chocolate Cosmos');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6342, 'markdenihan', 	'148!972hsfalkjlkfi381', 'superman3@security.com',		'What is your favourite flower?', 'Ghost Orchid');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6341, 'seanduggan', 		'148972!hsfalkjlkfi381', 'superman4@security.com',	'What is your favourite flower?', 'Jade Vine');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6551, 'rootuser', 		'14897!2hsfalkjlkfi381', 'superman6@security.com',		'What is your favourite flower?', 'Ghost Orchid');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6552, 'adminuser', 		'1489!72hsfalkjlkfi381', 'superman7@security.com',	'What is your favourite flower?', 'Corpse Flower');
-INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6559, 'shepherd', 		'148972hsfalk!jlkfi381', 'superman8@security.com',		'What is your favourite flower?', 'Gibraltar Campion');
-
-COMMIT;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- CryptShop Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-
-DROP SCHEMA IF EXISTS `CryptShop` ;
-CREATE SCHEMA IF NOT EXISTS `CryptShop` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
-USE `CryptShop` ;
-
--- -----------------------------------------------------
--- Table `CryptShop`.`items`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `CryptShop`.`items` (
-  `itemId` INT NOT NULL,
-  `itemName` VARCHAR(45) NULL,
-  `itemCost` INT NULL,
-  PRIMARY KEY (`itemId`))
-ENGINE = InnoDB;
-
--- -----------------------------------------------------
--- Table `CryptShop`.`coupons`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `CryptShop`.`coupons` (
-  `couponId` INT NOT NULL,
-  `perCentOff` INT NULL,
-  `couponCode` VARCHAR(128) NULL,
-  `itemId` INT NOT NULL,
-  PRIMARY KEY (`couponId`),
-  INDEX `fk_coupons_items_idx` (`itemId` ASC),
-  CONSTRAINT `fk_coupons_items`
-    FOREIGN KEY (`itemId`)
-    REFERENCES `CryptShop`.`items` (`itemId`)
-    ON DELETE NO ACTION
-    ON UPDATE NO ACTION)
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `CryptShop`.`items`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `CryptShop`;
-INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (1, 'MeGusta', 30);
-INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (2, 'Troll', 3000);
-INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (3, 'Rage', 45);
-INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (4, 'NotBad', 15);
-
-COMMIT;
-
--- -----------------------------------------------------
--- Data for table `CryptShop`.`coupons`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `CryptShop`;
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (1, 100, 'PleaseTakeARage', 3);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (2, 100, 'RageMemeForFree', 3);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (3, 10, 'PleaseTakeATroll', 2);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (4, 50, 'HalfOffTroll', 2);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (5, 10, 'PleaseTakeANotBad', 4);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (6, 50, 'HalfOffNotBad', 4);
-INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (432197, 100, 'e!c!3etZoumo@Stu4rU176', 2);
-COMMIT;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- Failure to Restrict URL Access Challenge Three Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `UrlAccessThree` ;
-CREATE SCHEMA IF NOT EXISTS `UrlAccessThree` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `UrlAccessThree` ;
-
--- -----------------------------------------------------
--- Table `UrlAccessThree`.`users`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `UrlAccessThree`.`users` (
-  `userId` INT NOT NULL ,
-  `userName` VARCHAR(32) NOT NULL ,
-  `userPassword` VARCHAR(128) NOT NULL ,
-  `userAddress` VARCHAR(128) NOT NULL ,
-  `userRole` VARCHAR(32) NOT NULL,
-  PRIMARY KEY (`userId`) )
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `UrlAccessThree`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `UrlAccessThree`;
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (1223, 'aGuest', 		'!14897-hs.alNj.kFim81', 'zoidberg23@shepherd.com', 'guest');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (1224, 'manager', 		'!14897-hs.alNj.kFim81', 'zoidberg23@shepherd.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (1225, 'sean',	 		'!14897-hs.alNj.kFim81', 'zoidberg24@shepherd.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3214, 'administrator', 	'!14897-hs.alNj.kFim81', 'buzzthebald@shepherd.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3212, 'root', 			'!14897-hs.alNj.kFim81', 'elitehacker@shepherd.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6344, 'superuser', 		'!14897-hs.alNj.kFim81', 'superman@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6345, 'MrJohnReillyTheSecond', 		'!14897-hs.alNj.kFim81', 'MrJohnReillyTheSecond@security.com', 'superadmin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6346, 'megauser', 		'!14897-hs.alNj.kFim81', 'megaman@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6347, 'hyperuser', 		'!14897-hs.alNj.kFim81', 'hmegaman@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6348, 'godzilla', 		'!14897-hs.alNj.kFim81', 'godzilla@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6349, 'kinguser', 		'!14897-hs.alNj.kFim81', 'kinguser@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (4524, 'privileged', 		'1489!72hsfalkjlkfi381', 'spoiltbrat@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6343, 'mark', 			'148!97-hs.alNj.kFim81', 'superman2@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6342, 'markdenihan', 	'148!97-hs.alNj.kFim81', 'superman3@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6341, 'seanduggan', 		'148972!hsfalkjlkfi381', 'superman4@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6551, 'rootuser', 		'14897!2hsfalkjlkfi381', 'superman6@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6552, 'adminuser', 		'1489!72hsfalkjlkfi381', 'superman7@security.com', 'admin');
-INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6559, 'shepherd', 		'148972hsfalk!jlkfi381', 'superman8@security.com', 'admin');
-
-COMMIT;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- sqlInjectSeven Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-
-DROP SCHEMA IF EXISTS `sqlInjectSeven` ;
-CREATE SCHEMA IF NOT EXISTS `sqlInjectSeven` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `sqlInjectSeven`;
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-
--- -----------------------------------------------------
--- Table `sqlInjectSeven`.`users`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `sqlInjectSeven`.`users` (
-  `userId` INT NOT NULL ,
-  `userName` VARCHAR(32) NOT NULL ,
-  `userPassword` VARCHAR(128) NOT NULL ,
-  `userEmail` VARCHAR(128) NOT NULL ,
-  `userRole` VARCHAR(8) NOT NULL DEFAULT 'default' ,
-  PRIMARY KEY (`userId`) )
-ENGINE = InnoDB;
-
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `sqlInjectSeven`.`users`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `sqlInjectSeven`;
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (40, 'User 1', 'de1027fnNys6687as!283619fj1237fault', 'UserJohn1@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (41, 'User 2', 'd128361027fnNys6687as!9fj1237efault', 'UserJim2@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (42, 'User 3', 'defa1283619f027fnNys6687as!j1237ult', 'UserJone3@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (43, 'User 4', 'd1283619fj12027fnNys6687as!37efault', 'UserBell4@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (44, 'User 5', 'defau1283619fj1237lt', 'UserConan5@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (45, 'User 6', 'de1283619fj1237fault', 'UserSmioth6@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (46, 'User 7', 'def1d88027fnNys6687as!sd&dsault', 'UserHat7@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (47, 'User 8', 'def1d027fnNys6687as!88sd&dsault', 'UserPage8@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (48, 'User 9', 'defaul027fnNys6687as!1d88sd&dst', 'UserCube9@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (49, 'User 11', 'd1d88027fnNys6687as!sd&dsefault', 'MrsJohn1@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (50, 'User 12', 'defau027fnNys6687as!l1d88sd&dst', 'MrsJim2@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (51, 'User 13', 'def_926diUUscnaosOault', 'MrsJone3@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (52, 'User 14', 'd_926diUUscnaosOefault', 'MrsBell4@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (53, 'User 15', 'defaul_926diUUscnaosOt', 'MrsConan5@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (54, 'User 16', 'de_926diUUscnaosOfault', 'MrsSmioth6@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (55, 'User 17', 'defaul_926diUUscnaosOt', 'MrsHat7@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (56, 'User 18', 'de_926diUUscnaosOfault', 'MrsPage8@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (57, 'User 19', 'defa_926diUUscnaosOult', 'MrsCube9@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (58, 'User 20', 'd_926diUUscnaosOefault', 'Mr20@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (59, 'User 21', 'defa1027fnNys6687as!ult', 'Mr2John1@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (60, 'User 22', 'de027fnNys6687as!fault', 'Mr2Jim2@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (61, 'User 23', 'defau027fnNys6687as!lt', 'Mr2Jone3@User.com', 'default');
-INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (62, 'User 10', 'def027fnNys6687as!ault', 'Mrs0@User.com', 'default');
-
-COMMIT;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- securityMisconfigStealToken Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-
-DROP SCHEMA IF EXISTS `securityMisconfigStealToken` ;
-CREATE SCHEMA IF NOT EXISTS `securityMisconfigStealToken` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
-USE `securityMisconfigStealToken` ;
-
--- -----------------------------------------------------
--- Table `securityMisconfigStealToken`.`tokens`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `securityMisconfigStealToken`.`tokens` (
-  `idtokens` INT NOT NULL AUTO_INCREMENT,
-  `userId` VARCHAR(64) NULL,
-  `token` VARCHAR(64) NULL,
-  PRIMARY KEY (`idtokens`),
-  UNIQUE INDEX `userId_UNIQUE` (`userId` ASC),
-  UNIQUE INDEX `token_UNIQUE` (`token` ASC))
-ENGINE = InnoDB;
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- getToken Procedure
-DELIMITER $$
-USE `securityMisconfigStealToken`$$
-CREATE PROCEDURE `securityMisconfigStealToken`.`getToken` (IN theUserId VARCHAR(64))
-BEGIN
-DECLARE tokenExists INT;
-COMMIT;
-SELECT count(token) FROM `securityMisconfigStealToken`.`tokens` WHERE userId = theUserId INTO tokenExists;
-IF (tokenExists < 1) THEN
-	INSERT INTO tokens (userId, token) VALUES (theUserId, SHA2(CONCAT(RAND(), now()), 256));
-	COMMIT;
-END IF;
-SELECT token FROM tokens WHERE userId = theUserId;
-END
-$$
-
-DELIMITER ;
-
--- validToken Procedure
-DELIMITER $$
-USE `securityMisconfigStealToken`$$
-CREATE PROCEDURE `securityMisconfigStealToken`.`validToken` (IN theUserId VARCHAR(64), theToken VARCHAR(64))
-BEGIN
-COMMIT;
-SELECT count(token) FROM `securityMisconfigStealToken`.`tokens` WHERE userId != theUserId AND token = theToken;
-END
-$$
-
-DELIMITER ;
-
-COMMIT;
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- DirectObjectBank Schema
--- -----------------------------------------------------
--- -----------------------------------------------------
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
-
-DROP SCHEMA IF EXISTS `directObjectBank` ;
-CREATE SCHEMA IF NOT EXISTS `directObjectBank` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
-USE `directObjectBank` ;
-
--- -----------------------------------------------------
--- Table `directObjectBank`.`bankAccounts`
--- -----------------------------------------------------
-CREATE TABLE IF NOT EXISTS `directObjectBank`.`bankAccounts` (
-  `account_number` INT NOT NULL AUTO_INCREMENT,
-  `account_holder` VARCHAR(45) NOT NULL,
-  `account_password` VARCHAR(256) NOT NULL,
-  `account_balance` FLOAT NOT NULL DEFAULT 5,
-  PRIMARY KEY (`account_number`), 
-  UNIQUE INDEX `account_holder_UNIQUE` (`account_holder` ASC))
-ENGINE = InnoDB;
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `directObjectBank`.`bankAccounts`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `directObjectBank`;
-INSERT INTO `directObjectBank`.`bankAccounts` (`account_number`, `account_holder`, `account_password`, `account_balance`) VALUES (0, 'Mr. Banks', 'SignInImpossibleBecauseNotHashed', 10000000);
-
-COMMIT;
-
--- BankAuth Procedure
-DELIMITER $$
-USE `directObjectBank`$$
-CREATE PROCEDURE `directObjectBank`.`bankAuth` (IN theUserId VARCHAR(45), thePass VARCHAR(256))
-BEGIN
-COMMIT;
-SELECT account_number, account_holder FROM `directObjectBank`.`bankAccounts` WHERE account_holder = theUserId AND account_password = SHA2(thePass, 256);
-END
-$$
-
-DELIMITER ;
-
--- CurrentFunds Procedure
-DELIMITER $$
-USE `directObjectBank`$$
-CREATE PROCEDURE `directObjectBank`.`currentFunds` (IN theBankAccountNumber VARCHAR(45))
-BEGIN
-COMMIT;
-SELECT account_balance FROM `directObjectBank`.`bankAccounts` WHERE account_number = theBankAccountNumber;
-END
-$$
-
-DELIMITER ;
-
--- transferFunds Procedure
-DELIMITER $$
-USE `directObjectBank`$$
-CREATE PROCEDURE `directObjectBank`.`transferFunds` (IN theGiverAccountNumber VARCHAR(45), IN theRecieverAccountNumber VARCHAR(45), IN theAmmount FLOAT)
-BEGIN
-COMMIT;
-UPDATE `directObjectBank`.`bankAccounts` 
-	SET account_balance = account_balance - theAmmount
-	WHERE account_number = theGiverAccountNumber;
-UPDATE `directObjectBank`.`bankAccounts` 
-	SET account_balance = account_balance + theAmmount
-	WHERE account_number = theRecieverAccountNumber;
-COMMIT;
-END
-$$
-
-DELIMITER ;
-
--- createAccount Procedure
-DELIMITER $$
-USE `directObjectBank`$$
-CREATE PROCEDURE `directObjectBank`.`createAccount` (IN accountHolder VARCHAR(45), IN accountPassword VARCHAR(256))
-BEGIN
-COMMIT;
-INSERT INTO `directObjectBank`.`bankAccounts` (`account_holder`, `account_password`, `account_balance`) VALUES (accountHolder, SHA2(accountPassword, 256), 0);
-COMMIT;
-END
-$$
-
-DELIMITER ;
-
-COMMIT;
-
--- ======================================================
--- SQL Stored Proecure Challenge
--- ======================================================
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `SqlChalStoredProc` ;
-CREATE SCHEMA IF NOT EXISTS `SqlChalStoredProc` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `SqlChalStoredProc` ;
-
--- -----------------------------------------------------
--- Table `SqlChalStoredProc`.`customers`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `SqlChalStoredProc`.`customers` (
-  `customerId` VARCHAR(64) NOT NULL ,
-  `customerName` VARCHAR(32) NOT NULL ,
-  `customerAddress` VARCHAR(128) NOT NULL ,
-  `comment` LONGTEXT NULL ,
-  PRIMARY KEY (`customerId`) )
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `SqlChalStoredProc`.`customers`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SqlChalStoredProc`;
-INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
-INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'the1night2before3four@exampleEmails.com', 'Well Done! The Result key is d9c5757c1c086d02d491cbe46a941ecde5a65d523de36ac1bfed8dd4dd9994c8');
-INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
-INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', NULL);
-
-COMMIT;
-
--- findUser Procedure
-DELIMITER $$
-USE `SqlChalStoredProc`$$
-CREATE PROCEDURE `SqlChalStoredProc`.`findUser` (IN theAddress VARCHAR(128))
-BEGIN
-COMMIT;
-SELECT * FROM customers WHERE customerAddress = theAddress;
-END
-$$
-
-DELIMITER ;
-
-COMMIT;
-
--- -----------------------------------------------------
--- ======================================================
--- ======================================================
--- SQL Injection Poor Escaping (email)
--- ======================================================
-
-SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
-SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
-SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
-
-DROP SCHEMA IF EXISTS `SqlPoorEscape` ;
-CREATE SCHEMA IF NOT EXISTS `SqlPoorEscape` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
-USE `SqlPoorEscape` ;
-
--- -----------------------------------------------------
--- Table `SqlPoorEscape`.`customers`
--- -----------------------------------------------------
-CREATE  TABLE IF NOT EXISTS `SqlPoorEscape`.`customers` (
-  `customerId` VARCHAR(64) NOT NULL ,
-  `customerName` VARCHAR(32) NOT NULL ,
-  `customerAddress` VARCHAR(32) NOT NULL ,
-  `comment` LONGTEXT NULL ,
-  PRIMARY KEY (`customerId`) )
-ENGINE = InnoDB;
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
--- -----------------------------------------------------
--- Data for table `SqlPoorEscape`.`customers`
--- -----------------------------------------------------
-START TRANSACTION;
-USE `SqlPoorEscape`;
-INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019h53d60a6b875b20095705d53f8c7b0ca', 'John Fits', 'thislifecouldbethelast@example.com', NULL);
-INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc105ifdua464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'dontfoolyourself@example.com', 'Well Done! The Result key is 0dcf9078ba5d878f9e23809ac8f013d1a08fdc8f12c5036f1a4746dbe86c0aac');
-INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('051594asdjd6869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'dontkidyourself@cube.com', NULL);
-INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26adjdccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'andweretooyoungtosee@deaf.com', NULL);
-
-COMMIT;
-
-
--- -----------------------------------------------------
--- -----------------------------------------------------
--- Module Schema Users
--- -----------------------------------------------------
--- -----------------------------------------------------
-
-
-SET SQL_MODE=@OLD_SQL_MODE;
-SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
-SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
-
-commit;
-
-DROP USER 'userLookUuuup'@'localhost';
-CREATE USER 'userLookUuuup'@'localhost' IDENTIFIED BY 'youMomaSoTh1n';
-GRANT SELECT ON `SqlChalSix`.`users`  TO 'userLookUuuup'@'localhost';
-
-DROP USER 'DnTPubUser'@'localhost';
-CREATE USER 'DnTPubUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
-GRANT SELECT ON `SQLiC5Shop`.`items` TO 'DnTPubUser'@'localhost';
-GRANT SELECT ON `SQLiC5Shop`.`coupons` TO 'DnTPubUser'@'localhost';
-
-DROP USER 'DnTVipUser'@'localhost';
-CREATE USER 'DnTVipUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
-GRANT SELECT ON `SQLiC5Shop`.`items` TO 'DnTVipUser'@'localhost';
-GRANT SELECT ON `SQLiC5Shop`.`vipCoupons` TO 'DnTVipUser'@'localhost';
-
-DROP USER 'DnTPurUser'@'localhost';
-CREATE USER 'DnTPurUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
-GRANT SELECT ON `SQLiC5Shop`.`items` TO 'DnTPurUser'@'localhost';
-GRANT SELECT ON `SQLiC5Shop`.`coupons` TO 'DnTPurUser'@'localhost';
-GRANT SELECT ON `SQLiC5Shop`.`vipCoupons` TO 'DnTPurUser'@'localhost';
-
-
-DROP USER 'firstBloodyMessL'@'localhost';
-CREATE USER 'firstBloodyMessL'@'localhost' IDENTIFIED BY 'firstBlooded';
-GRANT SELECT ON `SqlInjLesson`.`tb_users` TO 'firstBloodyMessL'@'localhost';
-
-DROP USER 'CharlieSeabrook'@'localhost';
-CREATE USER 'CharlieSeabrook'@'localhost' IDENTIFIED BY 'shallowHal';
-GRANT SELECT ON `SqlChalEmail`.`customers` TO 'CharlieSeabrook'@'localhost';
-
-DROP USER 'RightGuard3d'@'localhost';
-CREATE USER 'RightGuard3d'@'localhost' IDENTIFIED BY 'logic3Speaker';
-GRANT SELECT ON `SqlChalOne`.`customers` TO 'RightGuard3d'@'localhost';
-
-DROP USER 'HdmiNoSignal'@'localhost';
-CREATE USER 'HdmiNoSignal'@'localhost' IDENTIFIED BY '1nforma1ion';
-GRANT SELECT ON `SqlChalThree`.`customers` TO 'HdmiNoSignal'@'localhost';
-
-DROP USER  'randomUserName'@'localhost';
-CREATE USER 'randomUserName'@'localhost' IDENTIFIED BY 'c4utionHoT';
-GRANT SELECT ON `BrokenAuthAndSessMangChalTwo`.`users` TO 'randomUserName'@'localhost';
-GRANT UPDATE ON `BrokenAuthAndSessMangChalTwo`.`users` TO 'randomUserName'@'localhost';
-
-
-DROP USER  'doveM3nCare'@'localhost';
-CREATE USER 'doveM3nCare'@'localhost' IDENTIFIED BY 'plusm0r3';
-GRANT SELECT ON `BrokenAuthAndSessMangChalThree`.`users` TO 'doveM3nCare'@'localhost';
-GRANT UPDATE ON `BrokenAuthAndSessMangChalThree`.`users` TO 'doveM3nCare'@'localhost';
-
-DROP USER 'murr4yFe1ld'@'localhost';
-CREATE USER  'murr4yFe1ld'@'localhost' IDENTIFIED BY '4gainst3ngl4nd';
-GRANT SELECT ON `directObjectRefChalOne`.`users` TO 'murr4yFe1ld'@'localhost';
-
-DROP USER 'd3nn1sM4nely'@'localhost';
-CREATE USER  'd3nn1sM4nely'@'localhost' IDENTIFIED BY 'Pr0ductM4rket1ngIssu3s';
-GRANT SELECT ON `directObjectRefChalTwo`.`users` TO 'd3nn1sM4nely'@'localhost';
-
-DROP USER 'secureDood'@'localhost';
-CREATE USER  'secureDood'@'localhost' IDENTIFIED BY 'iCantEv3n';
-GRANT SELECT ON `SqlChalFourSuperSecure`.`users` TO 'secureDood'@'localhost';
-
-DROP USER 'csrfChalEnuer'@'localhost';
-CREATE USER  'csrfChalEnuer'@'localhost' IDENTIFIED BY 'c4n1bUplZ';
-GRANT SELECT ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
-GRANT INSERT ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
-GRANT UPDATE ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
-
-DROP USER  'l3tsg0cra'@'localhost';
-CREATE USER 'l3tsg0cra'@'localhost' IDENTIFIED BY '83ururMa';
-GRANT SELECT ON `BrokenAuthAndSessMangChalFive`.`users` TO 'l3tsg0cra'@'localhost';
-GRANT UPDATE ON `BrokenAuthAndSessMangChalFive`.`users` TO 'l3tsg0cra'@'localhost';
-
-DROP USER 'csrfChalFour'@'localhost';
-CREATE USER  'csrfChalFour'@'localhost' IDENTIFIED BY 'R1n13U2pv';
-GRANT SELECT ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
-GRANT INSERT ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
-GRANT UPDATE ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
-
-DROP USER  'randomMoFoName'@'localhost';
-CREATE USER 'randomMoFoName'@'localhost' IDENTIFIED BY 'c2zXlq_ZoT';
-GRANT SELECT ON `BrokenAuthAndSessMangChalSix`.`users` TO 'randomMoFoName'@'localhost';
-
-DROP USER  'randomFlower'@'localhost';
-CREATE USER 'randomFlower'@'localhost' IDENTIFIED BY 'c21-le_6oT';
-GRANT SELECT ON `BrokenAuthAndSessMangChalSeven`.`users` TO 'randomFlower'@'localhost';
-
-DROP USER 'tSwsfUSer'@'localhost';
-CREATE USER 'tSwsfUSer'@'localhost' IDENTIFIED BY '9s31iusd-n';
-GRANT SELECT ON `CryptShop`.`items` TO 'tSwsfUSer'@'localhost';
-GRANT SELECT ON `CryptShop`.`coupons` TO 'tSwsfUSer'@'localhost';
-
-DROP USER  'yourOrEll'@'localhost';
-CREATE USER 'yourOrEll'@'localhost' IDENTIFIED BY '91dj3:766f';
-GRANT SELECT ON `UrlAccessThree`.`users` TO 'yourOrEll'@'localhost';
-
-DROP USER  'r1ndomFlower'@'localhost';
-CREATE USER 'r1ndomFlower'@'localhost' IDENTIFIED BY 'c41-l2_6oT';
-GRANT SELECT ON `sqlInjectSeven`.`users` TO 'r1ndomFlower'@'localhost';
-
-DROP USER  'al1th3Tokens'@'localhost';
-CREATE USER 'al1th3Tokens'@'localhost' IDENTIFIED BY '87SDO63yUN.';
-GRANT SELECT ON `securityMisconfigStealToken`.`tokens` TO 'al1th3Tokens'@'localhost';
-GRANT INSERT ON `securityMisconfigStealToken`.`tokens` TO 'al1th3Tokens'@'localhost';
-GRANT EXECUTE ON PROCEDURE `securityMisconfigStealToken`.`getToken` TO 'al1th3Tokens'@'localhost';
-GRANT EXECUTE ON PROCEDURE `securityMisconfigStealToken`.`validToken`  TO 'al1th3Tokens'@'localhost';
-
-DROP USER 'theBankMan'@'localhost';
-CREATE USER 'theBankMan'@'localhost' IDENTIFIED BY 'B4ndkm.M98n';
-GRANT SELECT ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
-GRANT INSERT ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
-GRANT UPDATE ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
-GRANT EXECUTE ON PROCEDURE `directObjectBank`.`bankAuth` TO 'theBankMan'@'localhost';
-GRANT EXECUTE ON PROCEDURE `directObjectBank`.`currentFunds` TO 'theBankMan'@'localhost';
-GRANT EXECUTE ON PROCEDURE `directObjectBank`.`transferFunds` TO 'theBankMan'@'localhost';
-GRANT EXECUTE ON PROCEDURE `directObjectBank`.`createAccount` TO 'theBankMan'@'localhost';
-
-DROP USER 'procChalUser'@'localhost';
-CREATE USER 'procChalUser'@'localhost' IDENTIFIED BY 'k61dSmsM*8n';
-GRANT SELECT ON `SqlChalStoredProc`.`customers` TO 'procChalUser'@'localhost';
-GRANT EXECUTE ON PROCEDURE `SqlChalStoredProc`.`findUser` TO 'procChalUser'@'localhost';
-
-DROP USER 'imVideoingThis'@'localhost';
-CREATE USER 'imVideoingThis'@'localhost' IDENTIFIED BY 'auoi@7723dj';
+/*
+ * This file is part of the Security Shepherd Project.
+ * 
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.<br/>
+ * 
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.<br/>
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
+ */
+ 
+ 
+-- Script used to create all of the schemas on the vulnerable database server
+
+DELIMITER ;
+
+-- ======================================================
+-- SQL Lesson
+-- ======================================================
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `SqlInjLesson`;
+CREATE SCHEMA IF NOT EXISTS `SqlInjLesson` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `SqlInjLesson` ;
+
+-- -----------------------------------------------------
+-- Table `SqlInjLesson`.`tb_users`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `SqlInjLesson`.`tb_users` (
+  `usersId` INT NOT NULL AUTO_INCREMENT ,
+  `username` VARCHAR(64) NOT NULL ,
+  `comment` LONGTEXT NULL ,
+  PRIMARY KEY (`usersId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `SqlInjLesson`.`tb_users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SqlInjLesson`;
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (14232, 'Mark Denihan', 'This guy wrote this application');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (61523, 'Cloud', 'Has a Big Sword');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (12543, 'Fred Mtenzi', 'A lecturer in DIT Kevin Street');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (82642, 'qw!dshs@ab', 'Lesson Completed. The result key is 3c17f6bf34080979e0cebda5672e989c07ceec9fa4ee7b7c17c9e3ce26bc63e0');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (12345, 'user', 'Try Adding some SQL Code');
+INSERT INTO `SqlInjLesson`.`tb_users` (`usersId`, `username`, `comment`) VALUES (12346, 'OR 1 = 1', 'Your Close, You need to escape the string with an apostraphe so that your code is interpreted');
+
+COMMIT;
+
+-- ======================================================
+-- SQL Challenge Two (email)
+-- ======================================================
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `SqlChalEmail` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalEmail` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `SqlChalEmail` ;
+
+-- -----------------------------------------------------
+-- Table `SqlChalEmail`.`customers`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `SqlChalEmail`.`customers` (
+  `customerId` VARCHAR(64) NOT NULL ,
+  `customerName` VARCHAR(32) NOT NULL ,
+  `customerAddress` VARCHAR(32) NOT NULL ,
+  `comment` LONGTEXT NULL ,
+  PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `SqlChalEmail`.`customers`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SqlChalEmail`;
+INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
+INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'thenightbefore@example.com', 'Well Done! The Result key is f62abebf5658a6a44c5c9babc7865110c62f5ecd9d0a7052db48c4dbee0200e3');
+INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
+INSERT INTO `SqlChalEmail`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', NULL);
+
+COMMIT;
+
+-- ======================================================
+-- SQL Challenge 1
+-- ======================================================
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+CREATE SCHEMA IF NOT EXISTS `SqlChalOne` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `SqlChalOne` ;
+
+-- -----------------------------------------------------
+-- Table `SqlChalOne`.`customers`
+-- -----------------------------------------------------
+DROP TABLE IF EXISTS `SqlChalOne`.`customers` ;
+
+CREATE  TABLE IF NOT EXISTS `SqlChalOne`.`customers` (
+  `customerId` VARCHAR(64) NOT NULL ,
+  `customerName` VARCHAR(32) NOT NULL ,
+  `customerAddress` VARCHAR(32) NOT NULL ,
+  `comment` LONGTEXT NULL ,
+  PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `SqlChalOne`.`customers`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SqlChalOne`;
+INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
+INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'thenightbefore@example.com', NULL);
+INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
+INSERT INTO `SqlChalOne`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', 'Well Done! The reuslt Key is fd8e9a29dab791197115b58061b215594211e72c1680f1eacc50b0394133a09f');
+
+COMMIT;
+
+-- ======================================================
+-- SQL Challenge 3
+-- ======================================================
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+CREATE SCHEMA IF NOT EXISTS `SqlChalThree` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `SqlChalThree` ;
+
+-- -----------------------------------------------------
+-- Table `SqlChalThree`.`customers`
+-- -----------------------------------------------------
+DROP TABLE IF EXISTS `SqlChalThree`.`customers` ;
+
+CREATE  TABLE IF NOT EXISTS `SqlChalThree`.`customers` (
+  `customerId` VARCHAR(64) NOT NULL ,
+  `customerName` VARCHAR(32) NOT NULL ,
+  `creditCardNumber` VARCHAR(19) NOT NULL ,
+  `creditCardExp` VARCHAR(5) NOT NULL ,
+  `creditCardSecurityNumber` VARCHAR(3) NOT NULL ,
+  PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `SqlChalThree`.`customers`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SqlChalThree`;
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('ef322ce991de1a890470ad94001e2b83b9266334', 'John Doe', '8454 1244 4712 2144', '12/13', '452');
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('92cb640f60e2c9ea11cf89ef2c87d442dc3fa345', 'Jason McCoy', '5468 1763 1854 1451', '12/13', '285');
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('8d6588bbfe4ac5b52ebf452dfc5cefe934b788ae', 'Mark Denihan', '1245 2514 2315 2147', '09/20', '745');
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('b8811379df47b10b59b717942b8d2aaafeb8f0f8', 'Mary Martin', '9815 1547 3214 7569', '11/14', '987');
+INSERT INTO `SqlChalThree`.`customers` (`customerId`, `customerName`, `creditCardNumber`, `creditCardExp`, `creditCardSecurityNumber`) VALUES ('cef8433dc9f4e532999fd7767eaaf7ab620fd94d', 'Joseph McDonnell', '9175 1244 4758 8854', '12/13', '653');
+
+COMMIT;
+
+-- ======================================================
+-- Broken Authentication and Session Management Challenge 2
+-- ======================================================
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalTwo` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalTwo` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `BrokenAuthAndSessMangChalTwo` ;
+
+-- -----------------------------------------------------
+-- Table `BrokenAuthAndSessMangChalTwo`.`users`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalTwo`.`users` (
+  `userId` INT NOT NULL ,
+  `userName` VARCHAR(32) NOT NULL ,
+  `userPassword` VARCHAR(128) NOT NULL ,
+  `userAddress` VARCHAR(128) NOT NULL ,
+  PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `BrokenAuthAndSessMangChalTwo`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `BrokenAuthAndSessMangChalTwo`;
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com');
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com');
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com');
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (634, 'superuser', 'default', 'superman@security.com');
+INSERT INTO `BrokenAuthAndSessMangChalTwo`.`users` (`userId`, `userName`, `userPassword`, `userAddress`) VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com');
+
+COMMIT;
+
+-- ======================================================
+-- BrokenAuthAndSessMangChalThree
+-- ======================================================
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalThree` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalThree` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `BrokenAuthAndSessMangChalThree`;
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+
+-- -----------------------------------------------------
+-- Table `BrokenAuthAndSessMangChalThree`.`users`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalThree`.`users` (
+  `userId` INT NOT NULL ,
+  `userName` VARCHAR(32) NOT NULL ,
+  `userPassword` VARCHAR(128) NOT NULL ,
+  `userAddress` VARCHAR(128) NOT NULL ,
+  `userRole` VARCHAR(8) NOT NULL DEFAULT 'guest' ,
+  PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `BrokenAuthAndSessMangChalThree`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `BrokenAuthAndSessMangChalThree`;
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (634, 'superuser', 'default', 'superman@security.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (40, 'guest1', 'default', 'guest1@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (41, 'guest2', 'default', 'guest2@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (42, 'guest3', 'default', 'guest3@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (43, 'guest4', 'default', 'guest4@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (44, 'guest5', 'default', 'guest5@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (45, 'guest6', 'default', 'guest6@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (46, 'guest7', 'default', 'guest7@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (47, 'guest8', 'default', 'guest8@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (48, 'guest9', 'guest', 'guest9@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (49, 'guest11', 'guest', 'guest11@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (50, 'guest12', 'guest', 'guest12@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (51, 'guest13', 'guest', 'guest13@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (52, 'guest14', 'guest', 'guest14@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (53, 'guest15', 'guest', 'guest15@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (54, 'guest16', 'guest', 'guest16@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (55, 'guest17', 'guest', 'guest17@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (56, 'guest18', 'guest', 'guest18@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (57, 'guest19', 'guest', 'guest19@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (58, 'guest20', 'guest', 'guest20@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (59, 'guest21', 'guest', 'guest21@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (60, 'guest22', 'guest', 'guest22@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (61, 'guest23', 'guest', 'guest23@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (62, 'guest10', 'guest', 'guest10@guest.com', 'guest');
+
+COMMIT;
+
+-- ======================================================
+-- directObjectRefChalOne
+-- ======================================================
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `directObjectRefChalOne` ;
+CREATE SCHEMA IF NOT EXISTS `directObjectRefChalOne` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `directObjectRefChalOne` ;
+
+-- -----------------------------------------------------
+-- Table `directObjectRefChalOne`.`users`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `directObjectRefChalOne`.`users` (
+  `userId` VARCHAR(32) NOT NULL ,
+  `userName` VARCHAR(32) NOT NULL ,
+  `privateMessage` MEDIUMTEXT NOT NULL ,
+  PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `directObjectRefChalOne`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `directObjectRefChalOne`;
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('1', 'Paul Bourke', 'No Message Set');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('3', 'Will Bailey', 'I love Go Karting');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('5', 'Orla Cleary', 'As if!');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('7', 'Ronan Fitzpatrick', 'I have retired');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('9', 'Pat McKenana', 'I have a car!');
+INSERT INTO `directObjectRefChalOne`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('11', 'Hidden User', 'Result Key is <a>dd6301b38b5ad9c54b85d07c087aebec89df8b8c769d4da084a55663e6186742</a>');
+
+COMMIT;
+
+-- ======================================================
+-- directObjectRefChalTwo
+-- ======================================================
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `directObjectRefChalTwo` ;
+CREATE SCHEMA IF NOT EXISTS `directObjectRefChalTwo` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `directObjectRefChalTwo` ;
+
+-- -----------------------------------------------------
+-- Table `directObjectRefChalTwo`.`users`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `directObjectRefChalTwo`.`users` (
+  `userId` VARCHAR(32) NOT NULL ,
+  `userName` VARCHAR(32) NOT NULL ,
+  `privateMessage` MEDIUMTEXT NOT NULL ,
+  PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `directObjectRefChalTwo`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `directObjectRefChalTwo`;
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('c81e728d9d4c2f636f067f89cc14862c', 'Joe Sullivan', 'I was going to set a message, but then I decided not to.');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('eccbc87e4b5ce2fe28308fd9f2a7baf3', 'Will Bailey', 'I love Go Karting');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('e4da3b7fbbce2345d7772b0674a318d5', 'Orla Cleary', 'As if Im going to set a message. Who knows who could read it!');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('8f14e45fceea167a5a36dedd4bea2543', 'Ronan Fitzpatrick', 'I have retired');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('6512bd43d9caa6e02c990b0a82652dca', 'Pat McKenana', 'I have a car!');
+INSERT INTO `directObjectRefChalTwo`.`users` (`userId`, `userName`, `privateMessage`) VALUES ('c51ce410c124a10e0db5e4b97fc2af39', 'Hidden User', 'Result Key is <a>1f746b87a4e3628b90b1927de23f6077abdbbb64586d3ac9485625da21921a0f</a>');
+
+COMMIT;
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+
+DROP SCHEMA IF EXISTS `SQLiC5Shop` ;
+CREATE SCHEMA IF NOT EXISTS `SQLiC5Shop` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `SQLiC5Shop` ;
+
+-- -----------------------------------------------------
+-- Table `SQLiC5Shop`.`items`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`items` (
+  `itemId` INT NOT NULL,
+  `itemName` VARCHAR(45) NULL,
+  `itemCost` INT NULL,
+  PRIMARY KEY (`itemId`))
+ENGINE = InnoDB;
+
+-- -----------------------------------------------------
+-- Table `SQLiC5Shop`.`coupons`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`coupons` (
+  `couponId` INT NOT NULL,
+  `perCentOff` INT NULL,
+  `couponCode` VARCHAR(128) NULL,
+  `itemId` INT NOT NULL,
+  PRIMARY KEY (`couponId`),
+  INDEX `fk_coupons_items_idx` (`itemId` ASC),
+  CONSTRAINT `fk_coupons_items`
+    FOREIGN KEY (`itemId`)
+    REFERENCES `SQLiC5Shop`.`items` (`itemId`)
+    ON DELETE NO ACTION
+    ON UPDATE NO ACTION)
+ENGINE = InnoDB;
+
+-- -----------------------------------------------------
+-- Table `SQLiC5Shop`.`vipCoupons`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `SQLiC5Shop`.`vipCoupons` (
+  `vipCouponId` INT NOT NULL,
+  `perCentOff` INT NULL,
+  `couponCode` VARCHAR(128) NULL,
+  `itemId` INT NOT NULL,
+  PRIMARY KEY (`vipCouponId`),
+  INDEX `fk_vipCoupons_items1_idx` (`itemId` ASC),
+  CONSTRAINT `fk_vipCoupons_items1`
+    FOREIGN KEY (`itemId`)
+    REFERENCES `SQLiC5Shop`.`items` (`itemId`)
+    ON DELETE NO ACTION
+    ON UPDATE NO ACTION)
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `SQLiC5Shop`.`items`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SQLiC5Shop`;
+INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (1, 'MeGusta', 30);
+INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (2, 'Troll', 3000);
+INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (3, 'Rage', 45);
+INSERT INTO `SQLiC5Shop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (4, 'NotBad', 15);
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- Data for table `SQLiC5Shop`.`coupons`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SQLiC5Shop`;
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (1, 100, 'PleaseTakeARage', 3);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (2, 100, 'RageMemeForFree', 3);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (3, 10, 'PleaseTakeATroll', 2);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (4, 50, 'HalfOffTroll', 2);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (5, 10, 'PleaseTakeANotBad', 4);
+INSERT INTO `SQLiC5Shop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (6, 50, 'HalfOffNotBad', 4);
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- Data for table `SQLiC5Shop`.`vipCoupons`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SQLiC5Shop`;
+INSERT INTO `SQLiC5Shop`.`vipCoupons` (`vipCouponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (861267, 100, 'spcil\/|Pse3cr3etCouponStu.f4rU176', 2);
+
+COMMIT;
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+
+DROP SCHEMA IF EXISTS `SqlChalFourSuperSecure` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalFourSuperSecure` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `SqlChalFourSuperSecure` ;
+
+-- ======================================================
+-- SQL Injection Challenge 4
+-- ======================================================
+
+-- -----------------------------------------------------
+-- Table `SqlChalFourSuperSecure`.`users`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `SqlChalFourSuperSecure`.`users` (
+  `idusers` INT NOT NULL AUTO_INCREMENT,
+  `userName` VARCHAR(45) NOT NULL,
+  `userPassword` VARCHAR(45) NOT NULL,
+  PRIMARY KEY (`idusers`),
+  UNIQUE INDEX `userName_UNIQUE` (`userName` ASC))
+ENGINE = InnoDB;
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `SqlChalFourSuperSecure`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SqlChalFourSuperSecure`;
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (1, 'adam', '87i2ueeu2ndsedssda');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (2, 'player', '87iueeundsedssda');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (3, 'user', 'password');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (4, 'mark', 'password');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (5, 'sean', 'password');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (6, 'denihan', 'password');
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (7, 'admin', "98y\'98hsadsoi!111,.,22ee");
+INSERT INTO `SqlChalFourSuperSecure`.`users` (`idusers`, `userName`, `userPassword`) VALUES (8, 'duggan', 'password');
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- SqlChalSix Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+
+DROP SCHEMA IF EXISTS `SqlChalSix` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalSix` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `SqlChalSix` ;
+
+-- -----------------------------------------------------
+-- Table `SqlChalSix`.`users`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `SqlChalSix`.`users` (
+  `idusers` INT NOT NULL,
+  `userName` VARCHAR(45) NOT NULL,
+  `userPin` VARCHAR(16) NOT NULL,
+  `userQuestion` VARCHAR(128) NOT NULL,
+  `userAnswer` VARCHAR(256) NOT NULL,
+  `userAge` VARCHAR(16) NOT NULL,
+  PRIMARY KEY (`idusers`))
+ENGINE = InnoDB;
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `SqlChalSix`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SqlChalSix`;
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (1, 'George', '8367', 'What is your favourite Flower', 'A Red Rose', '23');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (2, 'Brendan', '4685', 'What is the answer to this level?', '17f999a8b3fbfde54124d6e94b256a264652e5087b14622e1644c884f8a33f82', '98');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (3, 'Sean', '1254', 'Your favourite Viking', 'Thor', '25');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (4, 'Anthony', '7844', 'What game do I suck at?', 'All of the games', '84');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (5, 'Owen', '4648', 'Favourite Sandwhich Topping', 'Peanutbutter', '33');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (6, 'Eoin', '2653', 'Where did I holiday in the summer of 69?', 'The Dark Side of the Moon', '12');
+INSERT INTO `SqlChalSix`.`users` (`idusers`, `userName`, `userPin`, `userQuestion`, `userAnswer`, `userAge`) VALUES (7, 'David', '3598', 'This is how we get ants', "Don\'t get me started", '6');
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- csrfChallengeEnumTokens Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+
+DROP SCHEMA IF EXISTS `csrfChallengeEnumTokens` ;
+CREATE SCHEMA IF NOT EXISTS `csrfChallengeEnumTokens` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `csrfChallengeEnumTokens` ;
+
+-- -----------------------------------------------------
+-- Table `csrfChallengeEnumTokens`.`csrfTokens`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `csrfChallengeEnumTokens`.`csrfTokens` (
+  `userId` VARCHAR(64) NOT NULL,
+  `csrfTokenscol` VARCHAR(256) NULL,
+  PRIMARY KEY (`userId`))
+ENGINE = InnoDB;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- csrfChallengeFour Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+
+DROP SCHEMA IF EXISTS `csrfChallengeFour` ;
+CREATE SCHEMA IF NOT EXISTS `csrfChallengeFour` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `csrfChallengeFour` ;
+
+-- -----------------------------------------------------
+-- Table `csrfChallengeFour`.`csrfTokens`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `csrfChallengeFour`.`csrfTokens` (
+  `userId` VARCHAR(64) NOT NULL,
+  `csrfTokenscol` VARCHAR(256) NULL,
+  PRIMARY KEY (`userId`))
+ENGINE = InnoDB;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- BrokenAuthAndSessMangChalFive Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalFive` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalFive` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `BrokenAuthAndSessMangChalFive`;
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+
+-- -----------------------------------------------------
+-- Table `BrokenAuthAndSessMangChalFive`.`users`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalFive`.`users` (
+  `userId` INT NOT NULL ,
+  `userName` VARCHAR(32) NOT NULL ,
+  `userPassword` VARCHAR(128) NOT NULL ,
+  `userAddress` VARCHAR(128) NOT NULL ,
+  `userRole` VARCHAR(8) NOT NULL DEFAULT 'guest' ,
+  PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `BrokenAuthAndSessMangChalFive`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `BrokenAuthAndSessMangChalFive`;
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (12, 'admin', 'default', 'zoidberg22@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (321, 'administrator', 'default', 'buzzthebald@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3212, 'root', 'default', 'elitehacker@shepherd.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (634, 'superuser', 'default', 'superman@security.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (4524, 'privileged', 'default', 'spoiltbrat@security.com', 'admin');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (40, 'guest1', 'default', 'guest1@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (41, 'guest2', 'default', 'guest2@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (42, 'guest3', 'default', 'guest3@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (43, 'guest4', 'default', 'guest4@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (44, 'guest5', 'default', 'guest5@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (45, 'guest6', 'default', 'guest6@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (46, 'guest7', 'default', 'guest7@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (47, 'guest8', 'default', 'guest8@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (48, 'guest9', 'guest', 'guest9@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (49, 'guest11', 'guest', 'guest11@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (50, 'guest12', 'guest', 'guest12@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (51, 'guest13', 'guest', 'guest13@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (52, 'guest14', 'guest', 'guest14@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (53, 'guest15', 'guest', 'guest15@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (54, 'guest16', 'guest', 'guest16@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (55, 'guest17', 'guest', 'guest17@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (56, 'guest18', 'guest', 'guest18@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (57, 'guest19', 'guest', 'guest19@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (58, 'guest20', 'guest', 'guest20@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (59, 'guest21', 'guest', 'guest21@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (60, 'guest22', 'guest', 'guest22@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (61, 'guest23', 'guest', 'guest23@guest.com', 'guest');
+INSERT INTO `BrokenAuthAndSessMangChalFive`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (62, 'guest10', 'guest', 'guest10@guest.com', 'guest');
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- Session Management Challenge Six Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalSix` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalSix` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `BrokenAuthAndSessMangChalSix` ;
+
+-- -----------------------------------------------------
+-- Table `BrokenAuthAndSessMangChalSix`.`users`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalSix`.`users` (
+  `userId` INT NOT NULL ,
+  `userName` VARCHAR(32) NOT NULL ,
+  `userPassword` VARCHAR(128) NOT NULL ,
+  `userAddress` VARCHAR(128) NOT NULL ,
+  `secretQuestion` VARCHAR(256) NOT NULL ,
+  `secretAnswer` VARCHAR(128) NOT NULL, 
+  PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `BrokenAuthAndSessMangChalSix`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `BrokenAuthAndSessMangChalSix`;
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1224, 'manager', 		'!148972hsfalkjlkfi381', 'zoidberg23@shepherd.com',	'What is the first name of the person you first kissed?', 'Lena Andrysiak');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1225, 'sean',	 		'!148972hsfalkjlkfi381', 'zoidberg24@shepherd.com',	'What is the first name of the person you first kissed?', 'Ronit Tornincasa');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3214, 'administrator', 	'!148972hsfalkjlkfi381', 'buzzthebald@shepherd.com','What is the last name of the teacher who gave you your first failing grade?', 'Aran Keegan');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3212, 'root', 			'!148972hsfalkjlkfi381', 'elitehacker@shepherd.com','What is the name of the place your wedding reception was held?', 'Deerburn Hotel');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6344, 'superuser', 		'!148972hsfalkjlkfi381', 'superman@security.com',	'Who was the first person to beat you up when you were 8 years old?', 'Lileas Lockwood');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (4524, 'privileged', 		'1489!72hsfalkjlkfi381', 'spoiltbrat@security.com',	'What was the name of the person who stole your TV the second time?', 'Olwen Sordi');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6343, 'mark', 			'148!972hsfalkjlkfi381', 'superman2@security.com',	'Who is your favourite Barista?', 'Buzz Fendall');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6342, 'markdenihan', 	'148!972hsfalkjlkfi381', 'superman3@security.com',	'Who is your most favourite person you have not met?', 'Etna Filippi');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6341, 'seanduggan', 		'148972!hsfalkjlkfi381', 'superman4@security.com',	'Who is your most favourite person you have not met?', 'Emily Fabian');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6551, 'rootuser', 		'14897!2hsfalkjlkfi381', 'superman6@security.com',	'Who is your most favourite person you have not met?', 'Leola Naggia');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6552, 'adminuser', 		'1489!72hsfalkjlkfi381', 'superman7@security.com',	'Who is your most favourite person you have not met?', 'Gladys Gabrielli');
+INSERT INTO `BrokenAuthAndSessMangChalSix`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6559, 'shepherd', 		'148972hsfalk!jlkfi381', 'superman8@security.com',	'Who is your most favourite person you have not met?', 'Morag Bristol');
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- Session Management Challenge Seven Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `BrokenAuthAndSessMangChalSeven` ;
+CREATE SCHEMA IF NOT EXISTS `BrokenAuthAndSessMangChalSeven` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `BrokenAuthAndSessMangChalSeven` ;
+
+-- -----------------------------------------------------
+-- Table `BrokenAuthAndSessMangChalSeven`.`users`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `BrokenAuthAndSessMangChalSeven`.`users` (
+  `userId` INT NOT NULL ,
+  `userName` VARCHAR(32) NOT NULL ,
+  `userPassword` VARCHAR(128) NOT NULL ,
+  `userAddress` VARCHAR(128) NOT NULL ,
+  `secretQuestion` VARCHAR(256) NOT NULL ,
+  `secretAnswer` VARCHAR(128) NOT NULL, 
+  PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `BrokenAuthAndSessMangChalSeven`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `BrokenAuthAndSessMangChalSeven`;
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1224, 'manager', 		'!148972hsfalkjlkfi381', 'zoidberg23@shepherd.com',		'What is your favourite flower?', 'Jade Vine');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (1225, 'sean',	 		'!148972hsfalkjlkfi381', 'zoidberg24@shepherd.com',		'What is your favourite flower?', 'Corpse Flower');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3214, 'administrator', 	'!148972hsfalkjlkfi381', 'buzzthebald@shepherd.com','What is your favourite flower?', 'Gibraltar Campion');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (3212, 'root', 			'!148972hsfalkjlkfi381', 'elitehacker@shepherd.com',	'What is your favourite flower?', 'Franklin Tree');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6344, 'superuser', 		'!148972hsfalkjlkfi381', 'superman@security.com',	'What is your favourite flower?', 'Jade Vine');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (4524, 'privileged', 		'1489!72hsfalkjlkfi381', 'spoiltbrat@security.com',	'What is your favourite flower?', 'Middlemist Red');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6343, 'mark', 			'148!972hsfalkjlkfi381', 'superman2@security.com',		'What is your favourite flower?', 'Chocolate Cosmos');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6342, 'markdenihan', 	'148!972hsfalkjlkfi381', 'superman3@security.com',		'What is your favourite flower?', 'Ghost Orchid');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6341, 'seanduggan', 		'148972!hsfalkjlkfi381', 'superman4@security.com',	'What is your favourite flower?', 'Jade Vine');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6551, 'rootuser', 		'14897!2hsfalkjlkfi381', 'superman6@security.com',		'What is your favourite flower?', 'Ghost Orchid');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6552, 'adminuser', 		'1489!72hsfalkjlkfi381', 'superman7@security.com',	'What is your favourite flower?', 'Corpse Flower');
+INSERT INTO `BrokenAuthAndSessMangChalSeven`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `secretQuestion`, `secretAnswer`) VALUES (6559, 'shepherd', 		'148972hsfalk!jlkfi381', 'superman8@security.com',		'What is your favourite flower?', 'Gibraltar Campion');
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- CryptShop Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+
+DROP SCHEMA IF EXISTS `CryptShop` ;
+CREATE SCHEMA IF NOT EXISTS `CryptShop` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `CryptShop` ;
+
+-- -----------------------------------------------------
+-- Table `CryptShop`.`items`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `CryptShop`.`items` (
+  `itemId` INT NOT NULL,
+  `itemName` VARCHAR(45) NULL,
+  `itemCost` INT NULL,
+  PRIMARY KEY (`itemId`))
+ENGINE = InnoDB;
+
+-- -----------------------------------------------------
+-- Table `CryptShop`.`coupons`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `CryptShop`.`coupons` (
+  `couponId` INT NOT NULL,
+  `perCentOff` INT NULL,
+  `couponCode` VARCHAR(128) NULL,
+  `itemId` INT NOT NULL,
+  PRIMARY KEY (`couponId`),
+  INDEX `fk_coupons_items_idx` (`itemId` ASC),
+  CONSTRAINT `fk_coupons_items`
+    FOREIGN KEY (`itemId`)
+    REFERENCES `CryptShop`.`items` (`itemId`)
+    ON DELETE NO ACTION
+    ON UPDATE NO ACTION)
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `CryptShop`.`items`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `CryptShop`;
+INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (1, 'MeGusta', 30);
+INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (2, 'Troll', 3000);
+INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (3, 'Rage', 45);
+INSERT INTO `CryptShop`.`items` (`itemId`, `itemName`, `itemCost`) VALUES (4, 'NotBad', 15);
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- Data for table `CryptShop`.`coupons`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `CryptShop`;
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (1, 100, 'PleaseTakeARage', 3);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (2, 100, 'RageMemeForFree', 3);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (3, 10, 'PleaseTakeATroll', 2);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (4, 50, 'HalfOffTroll', 2);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (5, 10, 'PleaseTakeANotBad', 4);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (6, 50, 'HalfOffNotBad', 4);
+INSERT INTO `CryptShop`.`coupons` (`couponId`, `perCentOff`, `couponCode`, `itemId`) VALUES (432197, 100, 'e!c!3etZoumo@Stu4rU176', 2);
+COMMIT;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- Failure to Restrict URL Access Challenge Three Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `UrlAccessThree` ;
+CREATE SCHEMA IF NOT EXISTS `UrlAccessThree` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `UrlAccessThree` ;
+
+-- -----------------------------------------------------
+-- Table `UrlAccessThree`.`users`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `UrlAccessThree`.`users` (
+  `userId` INT NOT NULL ,
+  `userName` VARCHAR(32) NOT NULL ,
+  `userPassword` VARCHAR(128) NOT NULL ,
+  `userAddress` VARCHAR(128) NOT NULL ,
+  `userRole` VARCHAR(32) NOT NULL,
+  PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `UrlAccessThree`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `UrlAccessThree`;
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (1223, 'aGuest', 		'!14897-hs.alNj.kFim81', 'zoidberg23@shepherd.com', 'guest');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (1224, 'manager', 		'!14897-hs.alNj.kFim81', 'zoidberg23@shepherd.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (1225, 'sean',	 		'!14897-hs.alNj.kFim81', 'zoidberg24@shepherd.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3214, 'administrator', 	'!14897-hs.alNj.kFim81', 'buzzthebald@shepherd.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (3212, 'root', 			'!14897-hs.alNj.kFim81', 'elitehacker@shepherd.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6344, 'superuser', 		'!14897-hs.alNj.kFim81', 'superman@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6345, 'MrJohnReillyTheSecond', 		'!14897-hs.alNj.kFim81', 'MrJohnReillyTheSecond@security.com', 'superadmin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6346, 'megauser', 		'!14897-hs.alNj.kFim81', 'megaman@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6347, 'hyperuser', 		'!14897-hs.alNj.kFim81', 'hmegaman@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6348, 'godzilla', 		'!14897-hs.alNj.kFim81', 'godzilla@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6349, 'kinguser', 		'!14897-hs.alNj.kFim81', 'kinguser@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (4524, 'privileged', 		'1489!72hsfalkjlkfi381', 'spoiltbrat@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6343, 'mark', 			'148!97-hs.alNj.kFim81', 'superman2@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6342, 'markdenihan', 	'148!97-hs.alNj.kFim81', 'superman3@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6341, 'seanduggan', 		'148972!hsfalkjlkfi381', 'superman4@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6551, 'rootuser', 		'14897!2hsfalkjlkfi381', 'superman6@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6552, 'adminuser', 		'1489!72hsfalkjlkfi381', 'superman7@security.com', 'admin');
+INSERT INTO `UrlAccessThree`.`users` (`userId`, `userName`, `userPassword`, `userAddress`, `userRole`) VALUES (6559, 'shepherd', 		'148972hsfalk!jlkfi381', 'superman8@security.com', 'admin');
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- sqlInjectSeven Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+
+DROP SCHEMA IF EXISTS `sqlInjectSeven` ;
+CREATE SCHEMA IF NOT EXISTS `sqlInjectSeven` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `sqlInjectSeven`;
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+
+-- -----------------------------------------------------
+-- Table `sqlInjectSeven`.`users`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `sqlInjectSeven`.`users` (
+  `userId` INT NOT NULL ,
+  `userName` VARCHAR(32) NOT NULL ,
+  `userPassword` VARCHAR(128) NOT NULL ,
+  `userEmail` VARCHAR(128) NOT NULL ,
+  `userRole` VARCHAR(8) NOT NULL DEFAULT 'default' ,
+  PRIMARY KEY (`userId`) )
+ENGINE = InnoDB;
+
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `sqlInjectSeven`.`users`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `sqlInjectSeven`;
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (40, 'User 1', 'de1027fnNys6687as!283619fj1237fault', 'UserJohn1@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (41, 'User 2', 'd128361027fnNys6687as!9fj1237efault', 'UserJim2@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (42, 'User 3', 'defa1283619f027fnNys6687as!j1237ult', 'UserJone3@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (43, 'User 4', 'd1283619fj12027fnNys6687as!37efault', 'UserBell4@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (44, 'User 5', 'defau1283619fj1237lt', 'UserConan5@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (45, 'User 6', 'de1283619fj1237fault', 'UserSmioth6@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (46, 'User 7', 'def1d88027fnNys6687as!sd&dsault', 'UserHat7@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (47, 'User 8', 'def1d027fnNys6687as!88sd&dsault', 'UserPage8@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (48, 'User 9', 'defaul027fnNys6687as!1d88sd&dst', 'UserCube9@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (49, 'User 11', 'd1d88027fnNys6687as!sd&dsefault', 'MrsJohn1@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (50, 'User 12', 'defau027fnNys6687as!l1d88sd&dst', 'MrsJim2@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (51, 'User 13', 'def_926diUUscnaosOault', 'MrsJone3@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (52, 'User 14', 'd_926diUUscnaosOefault', 'MrsBell4@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (53, 'User 15', 'defaul_926diUUscnaosOt', 'MrsConan5@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (54, 'User 16', 'de_926diUUscnaosOfault', 'MrsSmioth6@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (55, 'User 17', 'defaul_926diUUscnaosOt', 'MrsHat7@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (56, 'User 18', 'de_926diUUscnaosOfault', 'MrsPage8@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (57, 'User 19', 'defa_926diUUscnaosOult', 'MrsCube9@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (58, 'User 20', 'd_926diUUscnaosOefault', 'Mr20@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (59, 'User 21', 'defa1027fnNys6687as!ult', 'Mr2John1@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (60, 'User 22', 'de027fnNys6687as!fault', 'Mr2Jim2@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (61, 'User 23', 'defau027fnNys6687as!lt', 'Mr2Jone3@User.com', 'default');
+INSERT INTO `sqlInjectSeven`.`users` (`userId`, `userName`, `userPassword`, `userEmail`, `userRole`) VALUES (62, 'User 10', 'def027fnNys6687as!ault', 'Mrs0@User.com', 'default');
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- securityMisconfigStealToken Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+
+DROP SCHEMA IF EXISTS `securityMisconfigStealToken` ;
+CREATE SCHEMA IF NOT EXISTS `securityMisconfigStealToken` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `securityMisconfigStealToken` ;
+
+-- -----------------------------------------------------
+-- Table `securityMisconfigStealToken`.`tokens`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `securityMisconfigStealToken`.`tokens` (
+  `idtokens` INT NOT NULL AUTO_INCREMENT,
+  `userId` VARCHAR(64) NULL,
+  `token` VARCHAR(64) NULL,
+  PRIMARY KEY (`idtokens`),
+  UNIQUE INDEX `userId_UNIQUE` (`userId` ASC),
+  UNIQUE INDEX `token_UNIQUE` (`token` ASC))
+ENGINE = InnoDB;
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- getToken Procedure
+DELIMITER $$
+USE `securityMisconfigStealToken`$$
+CREATE PROCEDURE `securityMisconfigStealToken`.`getToken` (IN theUserId VARCHAR(64))
+BEGIN
+DECLARE tokenExists INT;
+COMMIT;
+SELECT count(token) FROM `securityMisconfigStealToken`.`tokens` WHERE userId = theUserId INTO tokenExists;
+IF (tokenExists < 1) THEN
+	INSERT INTO tokens (userId, token) VALUES (theUserId, SHA2(CONCAT(RAND(), now()), 256));
+	COMMIT;
+END IF;
+SELECT token FROM tokens WHERE userId = theUserId;
+END
+$$
+
+DELIMITER ;
+
+-- validToken Procedure
+DELIMITER $$
+USE `securityMisconfigStealToken`$$
+CREATE PROCEDURE `securityMisconfigStealToken`.`validToken` (IN theUserId VARCHAR(64), theToken VARCHAR(64))
+BEGIN
+COMMIT;
+SELECT count(token) FROM `securityMisconfigStealToken`.`tokens` WHERE userId != theUserId AND token = theToken;
+END
+$$
+
+DELIMITER ;
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- DirectObjectBank Schema
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL,ALLOW_INVALID_DATES';
+
+DROP SCHEMA IF EXISTS `directObjectBank` ;
+CREATE SCHEMA IF NOT EXISTS `directObjectBank` DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci ;
+USE `directObjectBank` ;
+
+-- -----------------------------------------------------
+-- Table `directObjectBank`.`bankAccounts`
+-- -----------------------------------------------------
+CREATE TABLE IF NOT EXISTS `directObjectBank`.`bankAccounts` (
+  `account_number` INT NOT NULL AUTO_INCREMENT,
+  `account_holder` VARCHAR(45) NOT NULL,
+  `account_password` VARCHAR(256) NOT NULL,
+  `account_balance` FLOAT NOT NULL DEFAULT 5,
+  PRIMARY KEY (`account_number`), 
+  UNIQUE INDEX `account_holder_UNIQUE` (`account_holder` ASC))
+ENGINE = InnoDB;
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `directObjectBank`.`bankAccounts`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `directObjectBank`;
+INSERT INTO `directObjectBank`.`bankAccounts` (`account_number`, `account_holder`, `account_password`, `account_balance`) VALUES (0, 'Mr. Banks', 'SignInImpossibleBecauseNotHashed', 10000000);
+
+COMMIT;
+
+-- BankAuth Procedure
+DELIMITER $$
+USE `directObjectBank`$$
+CREATE PROCEDURE `directObjectBank`.`bankAuth` (IN theUserId VARCHAR(45), thePass VARCHAR(256))
+BEGIN
+COMMIT;
+SELECT account_number, account_holder FROM `directObjectBank`.`bankAccounts` WHERE account_holder = theUserId AND account_password = SHA2(thePass, 256);
+END
+$$
+
+DELIMITER ;
+
+-- CurrentFunds Procedure
+DELIMITER $$
+USE `directObjectBank`$$
+CREATE PROCEDURE `directObjectBank`.`currentFunds` (IN theBankAccountNumber VARCHAR(45))
+BEGIN
+COMMIT;
+SELECT account_balance FROM `directObjectBank`.`bankAccounts` WHERE account_number = theBankAccountNumber;
+END
+$$
+
+DELIMITER ;
+
+-- transferFunds Procedure
+DELIMITER $$
+USE `directObjectBank`$$
+CREATE PROCEDURE `directObjectBank`.`transferFunds` (IN theGiverAccountNumber VARCHAR(45), IN theRecieverAccountNumber VARCHAR(45), IN theAmmount FLOAT)
+BEGIN
+COMMIT;
+UPDATE `directObjectBank`.`bankAccounts` 
+	SET account_balance = account_balance - theAmmount
+	WHERE account_number = theGiverAccountNumber;
+UPDATE `directObjectBank`.`bankAccounts` 
+	SET account_balance = account_balance + theAmmount
+	WHERE account_number = theRecieverAccountNumber;
+COMMIT;
+END
+$$
+
+DELIMITER ;
+
+-- createAccount Procedure
+DELIMITER $$
+USE `directObjectBank`$$
+CREATE PROCEDURE `directObjectBank`.`createAccount` (IN accountHolder VARCHAR(45), IN accountPassword VARCHAR(256))
+BEGIN
+COMMIT;
+INSERT INTO `directObjectBank`.`bankAccounts` (`account_holder`, `account_password`, `account_balance`) VALUES (accountHolder, SHA2(accountPassword, 256), 0);
+COMMIT;
+END
+$$
+
+DELIMITER ;
+
+COMMIT;
+
+-- ======================================================
+-- SQL Stored Proecure Challenge
+-- ======================================================
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `SqlChalStoredProc` ;
+CREATE SCHEMA IF NOT EXISTS `SqlChalStoredProc` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `SqlChalStoredProc` ;
+
+-- -----------------------------------------------------
+-- Table `SqlChalStoredProc`.`customers`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `SqlChalStoredProc`.`customers` (
+  `customerId` VARCHAR(64) NOT NULL ,
+  `customerName` VARCHAR(32) NOT NULL ,
+  `customerAddress` VARCHAR(128) NOT NULL ,
+  `comment` LONGTEXT NULL ,
+  PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `SqlChalStoredProc`.`customers`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SqlChalStoredProc`;
+INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019ce129ee8960a6b875b20095705d53f8c7b0ca', 'John Fits', 'crazycat@example.com', NULL);
+INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc1059903f464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'the1night2before3four@exampleEmails.com', 'Well Done! The Result key is d9c5757c1c086d02d491cbe46a941ecde5a65d523de36ac1bfed8dd4dd9994c8');
+INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('05159435826869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'manycolours@cube.com', NULL);
+INSERT INTO `SqlChalStoredProc`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26a1deccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'sixshooter@deaf.com', NULL);
+
+COMMIT;
+
+-- findUser Procedure
+DELIMITER $$
+USE `SqlChalStoredProc`$$
+CREATE PROCEDURE `SqlChalStoredProc`.`findUser` (IN theAddress VARCHAR(128))
+BEGIN
+COMMIT;
+SELECT * FROM customers WHERE customerAddress = theAddress;
+END
+$$
+
+DELIMITER ;
+
+COMMIT;
+
+-- -----------------------------------------------------
+-- ======================================================
+-- ======================================================
+-- SQL Injection Poor Escaping (email)
+-- ======================================================
+
+SET @OLD_UNIQUE_CHECKS=@@UNIQUE_CHECKS, UNIQUE_CHECKS=0;
+SET @OLD_FOREIGN_KEY_CHECKS=@@FOREIGN_KEY_CHECKS, FOREIGN_KEY_CHECKS=0;
+SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='TRADITIONAL';
+
+DROP SCHEMA IF EXISTS `SqlPoorEscape` ;
+CREATE SCHEMA IF NOT EXISTS `SqlPoorEscape` DEFAULT CHARACTER SET latin1 COLLATE latin1_swedish_ci ;
+USE `SqlPoorEscape` ;
+
+-- -----------------------------------------------------
+-- Table `SqlPoorEscape`.`customers`
+-- -----------------------------------------------------
+CREATE  TABLE IF NOT EXISTS `SqlPoorEscape`.`customers` (
+  `customerId` VARCHAR(64) NOT NULL ,
+  `customerName` VARCHAR(32) NOT NULL ,
+  `customerAddress` VARCHAR(35) NOT NULL ,
+  `comment` LONGTEXT NULL ,
+  PRIMARY KEY (`customerId`) )
+ENGINE = InnoDB;
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+-- -----------------------------------------------------
+-- Data for table `SqlPoorEscape`.`customers`
+-- -----------------------------------------------------
+START TRANSACTION;
+USE `SqlPoorEscape`;
+INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('019h53d60a6b875b20095705d53f8c7b0ca', 'John Fits', 'thislifecouldbethelast@example.com', NULL);
+INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('44e2bdc105ifdua464e5ba9a34b927614d7fee55', 'Rita Hanolan', 'dontfoolyourself@example.com', 'Well Done! The Result key is 0dcf9078ba5d878f9e23809ac8f013d1a08fdc8f12c5036f1a4746dbe86c0aac');
+INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('051594asdjd6869ccfd76d77a2ed4ba7c2023f0cb', 'Rubix Man', 'dontkidyourself@cube.com', NULL);
+INSERT INTO `SqlPoorEscape`.`customers` (`customerId`, `customerName`, `customerAddress`, `comment`) VALUES ('6c5c26adjdccf4a87059deb0a3fb463ff7d62fd5', 'Paul O Brien', 'andweretooyoungtosee@deaf.com', NULL);
+
+COMMIT;
+
+
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+-- Module Schema Users
+-- -----------------------------------------------------
+-- -----------------------------------------------------
+
+
+SET SQL_MODE=@OLD_SQL_MODE;
+SET FOREIGN_KEY_CHECKS=@OLD_FOREIGN_KEY_CHECKS;
+SET UNIQUE_CHECKS=@OLD_UNIQUE_CHECKS;
+
+commit;
+
+GRANT USAGE ON *.* TO 'userLookUuuup'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'userLookUuuup'@'localhost';
+CREATE USER 'userLookUuuup'@'localhost' IDENTIFIED BY 'youMomaSoTh1n';
+GRANT SELECT ON `SqlChalSix`.`users`  TO 'userLookUuuup'@'localhost';
+
+GRANT USAGE ON *.* TO 'DnTPubUser'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'DnTPubUser'@'localhost';
+CREATE USER 'DnTPubUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
+GRANT SELECT ON `SQLiC5Shop`.`items` TO 'DnTPubUser'@'localhost';
+GRANT SELECT ON `SQLiC5Shop`.`coupons` TO 'DnTPubUser'@'localhost';
+
+GRANT USAGE ON *.* TO 'DnTVipUser'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'DnTVipUser'@'localhost';
+CREATE USER 'DnTVipUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
+GRANT SELECT ON `SQLiC5Shop`.`items` TO 'DnTVipUser'@'localhost';
+GRANT SELECT ON `SQLiC5Shop`.`vipCoupons` TO 'DnTVipUser'@'localhost';
+
+GRANT USAGE ON *.* TO 'DnTPurUser'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'DnTPurUser'@'localhost';
+CREATE USER 'DnTPurUser'@'localhost' IDENTIFIED BY 'ch3fBrownSa4useIsS00000Go0d';
+GRANT SELECT ON `SQLiC5Shop`.`items` TO 'DnTPurUser'@'localhost';
+GRANT SELECT ON `SQLiC5Shop`.`coupons` TO 'DnTPurUser'@'localhost';
+GRANT SELECT ON `SQLiC5Shop`.`vipCoupons` TO 'DnTPurUser'@'localhost';
+
+GRANT USAGE ON *.* TO 'firstBloodyMessL'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'firstBloodyMessL'@'localhost';
+CREATE USER 'firstBloodyMessL'@'localhost' IDENTIFIED BY 'firstBlooded';
+GRANT SELECT ON `SqlInjLesson`.`tb_users` TO 'firstBloodyMessL'@'localhost';
+
+GRANT USAGE ON *.* TO 'CharlieSeabrook'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'CharlieSeabrook'@'localhost';
+CREATE USER 'CharlieSeabrook'@'localhost' IDENTIFIED BY 'shallowHal';
+GRANT SELECT ON `SqlChalEmail`.`customers` TO 'CharlieSeabrook'@'localhost';
+
+GRANT USAGE ON *.* TO 'RightGuard3d'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'RightGuard3d'@'localhost';
+CREATE USER 'RightGuard3d'@'localhost' IDENTIFIED BY 'logic3Speaker';
+GRANT SELECT ON `SqlChalOne`.`customers` TO 'RightGuard3d'@'localhost';
+
+GRANT USAGE ON *.* TO 'HdmiNoSignal'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'HdmiNoSignal'@'localhost';
+CREATE USER 'HdmiNoSignal'@'localhost' IDENTIFIED BY '1nforma1ion';
+GRANT SELECT ON `SqlChalThree`.`customers` TO 'HdmiNoSignal'@'localhost';
+
+GRANT USAGE ON *.* TO 'randomUserName'@'localhost' IDENTIFIED BY 'password';
+DROP USER  'randomUserName'@'localhost';
+CREATE USER 'randomUserName'@'localhost' IDENTIFIED BY 'c4utionHoT';
+GRANT SELECT ON `BrokenAuthAndSessMangChalTwo`.`users` TO 'randomUserName'@'localhost';
+GRANT UPDATE ON `BrokenAuthAndSessMangChalTwo`.`users` TO 'randomUserName'@'localhost';
+
+GRANT USAGE ON *.* TO 'doveM3nCare'@'localhost' IDENTIFIED BY 'password';
+DROP USER  'doveM3nCare'@'localhost';
+CREATE USER 'doveM3nCare'@'localhost' IDENTIFIED BY 'plusm0r3';
+GRANT SELECT ON `BrokenAuthAndSessMangChalThree`.`users` TO 'doveM3nCare'@'localhost';
+GRANT UPDATE ON `BrokenAuthAndSessMangChalThree`.`users` TO 'doveM3nCare'@'localhost';
+
+GRANT USAGE ON *.* TO 'murr4yFe1ld'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'murr4yFe1ld'@'localhost';
+CREATE USER  'murr4yFe1ld'@'localhost' IDENTIFIED BY '4gainst3ngl4nd';
+GRANT SELECT ON `directObjectRefChalOne`.`users` TO 'murr4yFe1ld'@'localhost';
+
+GRANT USAGE ON *.* TO 'd3nn1sM4nely'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'd3nn1sM4nely'@'localhost';
+CREATE USER  'd3nn1sM4nely'@'localhost' IDENTIFIED BY 'Pr0ductM4rket1ngIssu3s';
+GRANT SELECT ON `directObjectRefChalTwo`.`users` TO 'd3nn1sM4nely'@'localhost';
+
+GRANT USAGE ON *.* TO 'secureDood'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'secureDood'@'localhost';
+CREATE USER  'secureDood'@'localhost' IDENTIFIED BY 'iCantEv3n';
+GRANT SELECT ON `SqlChalFourSuperSecure`.`users` TO 'secureDood'@'localhost';
+
+GRANT USAGE ON *.* TO 'csrfChalEnuer'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'csrfChalEnuer'@'localhost';
+CREATE USER  'csrfChalEnuer'@'localhost' IDENTIFIED BY 'c4n1bUplZ';
+GRANT SELECT ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
+GRANT INSERT ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
+GRANT UPDATE ON `csrfChallengeEnumTokens`.`csrfTokens` TO 'csrfChalEnuer'@'localhost';
+
+GRANT USAGE ON *.* TO 'l3tsg0cra'@'localhost' IDENTIFIED BY 'password';
+DROP USER  'l3tsg0cra'@'localhost';
+CREATE USER 'l3tsg0cra'@'localhost' IDENTIFIED BY '83ururMa';
+GRANT SELECT ON `BrokenAuthAndSessMangChalFive`.`users` TO 'l3tsg0cra'@'localhost';
+GRANT UPDATE ON `BrokenAuthAndSessMangChalFive`.`users` TO 'l3tsg0cra'@'localhost';
+
+GRANT USAGE ON *.* TO 'csrfChalFour'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'csrfChalFour'@'localhost';
+CREATE USER  'csrfChalFour'@'localhost' IDENTIFIED BY 'R1n13U2pv';
+GRANT SELECT ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
+GRANT INSERT ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
+GRANT UPDATE ON `csrfChallengeFour`.`csrfTokens` TO 'csrfChalFour'@'localhost';
+
+GRANT USAGE ON *.* TO 'randomMoFoName'@'localhost' IDENTIFIED BY 'password';
+DROP USER  'randomMoFoName'@'localhost';
+CREATE USER 'randomMoFoName'@'localhost' IDENTIFIED BY 'c2zXlq_ZoT';
+GRANT SELECT ON `BrokenAuthAndSessMangChalSix`.`users` TO 'randomMoFoName'@'localhost';
+
+GRANT USAGE ON *.* TO 'randomFlower'@'localhost' IDENTIFIED BY 'password';
+DROP USER  'randomFlower'@'localhost';
+CREATE USER 'randomFlower'@'localhost' IDENTIFIED BY 'c21-le_6oT';
+GRANT SELECT ON `BrokenAuthAndSessMangChalSeven`.`users` TO 'randomFlower'@'localhost';
+
+GRANT USAGE ON *.* TO 'tSwsfUSer'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'tSwsfUSer'@'localhost';
+CREATE USER 'tSwsfUSer'@'localhost' IDENTIFIED BY '9s31iusd-n';
+GRANT SELECT ON `CryptShop`.`items` TO 'tSwsfUSer'@'localhost';
+GRANT SELECT ON `CryptShop`.`coupons` TO 'tSwsfUSer'@'localhost';
+
+GRANT USAGE ON *.* TO 'yourOrEll'@'localhost' IDENTIFIED BY 'password';
+DROP USER  'yourOrEll'@'localhost';
+CREATE USER 'yourOrEll'@'localhost' IDENTIFIED BY '91dj3:766f';
+GRANT SELECT ON `UrlAccessThree`.`users` TO 'yourOrEll'@'localhost';
+
+GRANT USAGE ON *.* TO 'r1ndomFlower'@'localhost' IDENTIFIED BY 'password';
+DROP USER  'r1ndomFlower'@'localhost';
+CREATE USER 'r1ndomFlower'@'localhost' IDENTIFIED BY 'c41-l2_6oT';
+GRANT SELECT ON `sqlInjectSeven`.`users` TO 'r1ndomFlower'@'localhost';
+
+GRANT USAGE ON *.* TO 'al1th3Tokens'@'localhost' IDENTIFIED BY 'password';
+DROP USER  'al1th3Tokens'@'localhost';
+CREATE USER 'al1th3Tokens'@'localhost' IDENTIFIED BY '87SDO63yUN.';
+GRANT SELECT ON `securityMisconfigStealToken`.`tokens` TO 'al1th3Tokens'@'localhost';
+GRANT INSERT ON `securityMisconfigStealToken`.`tokens` TO 'al1th3Tokens'@'localhost';
+GRANT EXECUTE ON PROCEDURE `securityMisconfigStealToken`.`getToken` TO 'al1th3Tokens'@'localhost';
+GRANT EXECUTE ON PROCEDURE `securityMisconfigStealToken`.`validToken`  TO 'al1th3Tokens'@'localhost';
+
+GRANT USAGE ON *.* TO 'theBankMan'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'theBankMan'@'localhost';
+CREATE USER 'theBankMan'@'localhost' IDENTIFIED BY 'B4ndkm.M98n';
+GRANT SELECT ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
+GRANT INSERT ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
+GRANT UPDATE ON `directObjectBank`.`bankAccounts` TO 'theBankMan'@'localhost';
+GRANT EXECUTE ON PROCEDURE `directObjectBank`.`bankAuth` TO 'theBankMan'@'localhost';
+GRANT EXECUTE ON PROCEDURE `directObjectBank`.`currentFunds` TO 'theBankMan'@'localhost';
+GRANT EXECUTE ON PROCEDURE `directObjectBank`.`transferFunds` TO 'theBankMan'@'localhost';
+GRANT EXECUTE ON PROCEDURE `directObjectBank`.`createAccount` TO 'theBankMan'@'localhost';
+
+GRANT USAGE ON *.* TO 'procChalUser'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'procChalUser'@'localhost';
+CREATE USER 'procChalUser'@'localhost' IDENTIFIED BY 'k61dSmsM*8n';
+GRANT SELECT ON `SqlChalStoredProc`.`customers` TO 'procChalUser'@'localhost';
+GRANT EXECUTE ON PROCEDURE `SqlChalStoredProc`.`findUser` TO 'procChalUser'@'localhost';
+
+GRANT USAGE ON *.* TO 'imVideoingThis'@'localhost' IDENTIFIED BY 'password';
+DROP USER 'imVideoingThis'@'localhost';
+CREATE USER 'imVideoingThis'@'localhost' IDENTIFIED BY 'auoi@7723dj';
 GRANT SELECT ON `SqlPoorEscape`.`customers` TO 'imVideoingThis'@'localhost';
\ No newline at end of file
diff --git a/SecurityShepherdCore/setupFiles/shepherdTotalInstall.sh b/SecurityShepherdCore/setupFiles/shepherdTotalInstall.sh
index 2e890ea10..4b70fc363 100644
--- a/SecurityShepherdCore/setupFiles/shepherdTotalInstall.sh
+++ b/SecurityShepherdCore/setupFiles/shepherdTotalInstall.sh
@@ -1,6 +1,6 @@
-shepherdServerXmlLocation=https://raw.githubusercontent.com/markdenihan/owaspSecurityShepherd/master/SecurityShepherdCore/setupFiles/tomcatShepherdSampleServer.xml
-shepherdWebXmlLocation=https://raw.githubusercontent.com/markdenihan/owaspSecurityShepherd/master/SecurityShepherdCore/setupFiles/tomcatShepherdSampleWeb.xml
-shepherdManualPackLocation=http://sourceforge.net/projects/owaspshepherd/files/owaspSecurityShepherd_V2.4%20Manual%20Pack.zip/download
+shepherdServerXmlLocation=https://raw.githubusercontent.com/owasp/SecurityShepherd/master/SecurityShepherdCore/setupFiles/tomcatShepherdSampleServer.xml
+shepherdWebXmlLocation=https://raw.githubusercontent.com/owasp/SecurityShepherd/master/SecurityShepherdCore/setupFiles/tomcatShepherdSampleWeb.xml
+shepherdManualPackLocation=http://sourceforge.net/projects/owaspshepherd/files/owaspSecurityShepherd_V3.0%20Manual%20Pack.zip/download
 if [[ $EUID -ne 0 ]]; then
    echo "This script must be run as root" 1>&2
    exit 1
@@ -21,6 +21,7 @@ else
 	cd /home/*
 	sudo apt-get install -y dos2unix
 	sudo dos2unix manualPack/*.sql
+	sudo dos2unix manualPack/*.js
 	sudo chmod 775 manualPack/*.war
 	cd /var/lib/tomcat7/webapps/
 	sudo rm -rf *
@@ -29,10 +30,17 @@ else
 	echo "Configuring MySQL"
 	echo "MySQL Password Please:"
 	mysql -u root -e "source coreSchema.sql" --force -p
-	echo "Ignore Error about Core.CheatSheet."
 	echo "MySQL Password Please:"
 	mysql -u root -e "source moduleSchemas.sql" --force -p
-	echo "Ignore DROP USER failures"
+	
+	#Install and Config MongoDB
+	echo "Installing MongoDB"
+	sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10
+	echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list
+	sudo apt-get update
+	sudo apt-get install -y mongodb-org=2.6.9 mongodb-org-server=2.6.9 mongodb-org-shell=2.6.9 mongodb-org-mongos=2.6.9 mongodb-org-tools=2.6.9
+	sleep 10
+	mongo /home/*/manualPack/mongoSchema.js
 	
 	#Configuring Tomcat to Run the way we want (Oracle Java, HTTPs, Port 80 redirect to 443
 	echo "Configuring Tomcat"
@@ -68,6 +76,6 @@ else
 	chown tomcat7 /etc/authbind/byport/443
 	
 	#Restart Tomcat
-	sudo service tomcat7 restart
+	sudo service tomcat7 restart	
 	echo "Shepherd is Ready to Rock!"
 fi
\ No newline at end of file
diff --git a/SecurityShepherdCore/setupFiles/updateCoreSchemaV2.4toV3.sql b/SecurityShepherdCore/setupFiles/updateCoreSchemaV2.4toV3.sql
index 7244a6651..47eb86ab6 100644
--- a/SecurityShepherdCore/setupFiles/updateCoreSchemaV2.4toV3.sql
+++ b/SecurityShepherdCore/setupFiles/updateCoreSchemaV2.4toV3.sql
@@ -1,29 +1,201 @@
 use core;
 -- --------------------------------------
--- Module Table Stuff
+-- Class Table Update
 -- --------------------------------------
+SELECT "Updating Class Table Structure" FROM DUAL;
+ALTER TABLE class ADD UNIQUE (className);
 
+-- --------------------------------------
+-- Module Table Stuff
+-- --------------------------------------
+SELECT "Updating Module Table Structure" FROM DUAL;
 ALTER TABLE modules ADD moduleNameLangPointer VARCHAR(64);
 ALTER TABLE modules ADD moduleCategoryLangPointer VARCHAR(64);
-UPDATE modules SET moduleNameLangPointer = REPLACE(LOWER(moduleName), ' ', '.');
-UPDATE modules SET moduleCategoryLangPointer = REPLACE(LOWER(moduleCategory), ' ', '.');
+COMMIT;
+UPDATE modules SET moduleNameLangPointer = REPLACE(LOWER(moduleName), " ", "."), moduleCategoryLangPointer = REPLACE(LOWER(moduleCategory), " ", ".");
+COMMIT;
 UPDATE modules SET moduleCategoryLangPointer = 'poor.data.validation', moduleCategory = 'Poor Data Validation' WHERE moduleCategoryLangPointer = 'bad.data.validation';
 UPDATE modules SET moduleNameLangPointer = 'failure.to.restrict.url.access.1', moduleName = 'Failure to Restrict URL Access 1' WHERE moduleId = '3d5b46abc6865ba09aaff98a8278a5f5e339abff';
 UPDATE modules SET moduleNameLangPointer = 'failure.to.restrict.url.access.2', moduleName = 'Failure to Restrict URL Access 2' WHERE moduleId = 'c7ac1e05faa2d4b1016cfcc726e0689419662784';
+COMMIT;
+
+SELECT "Adding New Modules" FROM DUAL;
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a', 'Content Provider Leakage', 'content.provider.leakage', 'lesson', 'Mobile Content Providers', 'mobile.content.providers', 'LazerLizardsFlamingWizards', '4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39', 'open', '79', '50', '5', 1);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('d7eaeaa1cc4f218abd86d14eefa183a0f8eb6298', 'NoSQL Injection One', 'nosql.injection.one', 'challenge', 'Injection', 'injection', 'c09f32d4c3dd5b75f04108e5ffc9226cd8840288a62bdaf9dc65828ab6eaf86a', 'd63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66', 'open', '89', '45', '5', 1);
 INSERT INTO modules (`moduleId`, `moduleName`, `moduleNameLangPointer`, `moduleType`, `moduleCategory`, `moduleCategoryLangPointer`, `moduleResult`, `moduleHash`, `moduleStatus`, `incrementalRank`, `scoreValue`, `scoreBonus`, `hardcodedKey`) VALUES ('c685f8102ae0128c2ab342df64699bb8209a0839', 'SQL Injection Escaping', 'sql.injection.escaping', 'challenge', 'Injection', 'injection', '0dcf9078ba5d878f9e23809ac8f013d1a08fdc8f12c5036f1a4746dbe86c0aac', '8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4', 'open', '99', '50', '5', 1);
-UPDATE modules SET incrementalRank = '87' WHERE moduleId = '335440fef02d19259254ed88293b62f31cccdd41';
-UPDATE modules SET moduleName = 'SQL Injection Old Challenge 1', moduleStatus = 'closed' WHERE moduleId = 'f771a10efb42a79a9dba262fd2be2e44bf40b66d';
-UPDATE modules SET moduleId = 'f771a10efb42a79a9dba262fd2be2e44bf40b66d', moduleName = 'SQL Injection 2', moduleNameLangPointer = 'sql.injection.2', moduleResult = 'f62abebf5658a6a44c5c9babc7865110c62f5ecd9d0a7052db48c4dbee0200e3', moduleHash = 'ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b', incrementalRank = '88', scoreValue = '45' WHERE moduleName = 'SQL Injection 1';
+UPDATE modules SET moduleName = 'SQL Injection New Challenge 2', moduleId = '544aa22d3dd16a8232b093848a6523b0712b23daNEW', moduleNameLangPointer = 'sql.injection.2.new', moduleHash = 'ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b', moduleResult = 'f62abebf5658a6a44c5c9babc7865110c62f5ecd9d0a7052db48c4dbee0200e3', incrementalRank = 85, scoreValue = 45 WHERE moduleId = 'f771a10efb42a79a9dba262fd2be2e44bf40b66d';
+UPDATE modules SET moduleId = 'f771a10efb42a79a9dba262fd2be2e44bf40b66d', moduleName = 'SQL Injection 1', moduleNameLangPointer = 'sql.injection.1', moduleResult = 'fd8e9a29dab791197115b58061b215594211e72c1680f1eacc50b0394133a09f', moduleHash = 'e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a', incrementalRank = 68, scoreValue = 35 WHERE moduleId = '544aa22d3dd16a8232b093848a6523b0712b23da';
+COMMIT;
+UPDATE modules SET moduleName = "SQL Injection 2", moduleNameLangPointer = 'sql.injection.2' WHERE moduleId = '544aa22d3dd16a8232b093848a6523b0712b23daNEW';
+COMMIT;
+
+SELECT "Updating Module Entries to Match v3.0" FROM DUAL;
+
+UPDATE modules SET moduleName ='CSRF 6', moduleCategory = 'CSRF', moduleCategoryLangPointer = 'csrf', moduleResult = 'df611f54325786d42e6deae8bbd0b9d21cf2c9282ec6de4e04166abe2792ac00', incrementalRank = 176, scoreValue = 90, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '04a5bd8656fdeceac26e21ef6b04b90eaafbd7d5';
+UPDATE modules SET moduleName ='Insecure Cryptographic Storage Challenge 2', moduleCategory = 'Insecure Cryptographic Storage', moduleCategoryLangPointer = 'insecure.cryptographic.storage', moduleResult = 'TheVigenereCipherIsAmethodOfEncryptingAlphabeticTextByUsingPoly', incrementalRank = 126, scoreValue = 65, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '0709410108f91314fb6f7721df9b891351eb2fcc';
+UPDATE modules SET moduleName ='CSRF 5', moduleCategory = 'CSRF', moduleCategoryLangPointer = 'csrf', moduleResult = '8f34078ef3e53f619618d9def1ede8a6a9117c77c2fad22f76bba633da83e6d4', incrementalRank = 156, scoreValue = 80, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '0a37cb9296ff3763f7f3a45ff313bce47afa9384';
+UPDATE modules SET moduleName ='Poor Authentication', moduleCategory = 'Mobile Poor Authentication', moduleCategoryLangPointer = 'mobile.poor.authentication', moduleResult = 'UpsideDownPizzaDip', incrementalRank = 90, scoreValue = 50, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '0cdd1549e7c74084d7059ce748b93ef657b44457';
+UPDATE modules SET moduleName ='Insecure Direct Object References', moduleCategory = 'Insecure Direct Object References', moduleCategoryLangPointer = 'insecure.direct.object.references', moduleResult = '59e571b1e59441e76e0c85e5b49', incrementalRank = 5, scoreValue = 10, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '0dbea4cb5811fff0527184f99bd5034ca9286f11';
+UPDATE modules SET moduleName ='Session Management Challenge 3', moduleCategory = 'Session Management', moduleCategoryLangPointer = 'session.management', moduleResult = 'e62008dc47f5eb065229d48963', incrementalRank = 115, scoreValue = 60, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e';
+UPDATE modules SET moduleName ='Insecure Cryptographic Storage Challenge 4', moduleCategory = 'Insecure Cryptographic Storage', moduleCategoryLangPointer = 'insecure.cryptographic.storage', moduleResult = '50980917266ce6ec07471f49b1a046ca6a5034eb9261fb44c3ffc4b16931255c', incrementalRank = 177, scoreValue = 90, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '145111e80400e4fd48bd3aa5aca382e9c5640793';
+UPDATE modules SET moduleName ='Unintended Data Leakage', moduleCategory = 'Mobile Data Leakage', moduleCategoryLangPointer = 'mobile.data.leakage', moduleResult = 'SilentButSteadyRedLed', incrementalRank = 77, scoreValue = 40, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '1506f22cd73d14d8a73e0ee32006f35d4f234799';
+UPDATE modules SET moduleName ='Cross Site Scripting 4', moduleCategory = 'XSS', moduleCategoryLangPointer = 'xss', moduleResult = '515e05137e023dd7828adc03f639c8b13752fbdffab2353ccec', incrementalRank = 146, scoreValue = 75, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '182f519ef2add981c77a584380f41875edc65a56';
+UPDATE modules SET moduleName ='Unintended Data Leakage 2', moduleCategory = 'Mobile Data Leakage', moduleCategoryLangPointer = 'mobile.data.leakage', moduleResult = '627884736748', incrementalRank = 140, scoreValue = 70, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9';
+UPDATE modules SET moduleName ='Insecure Cryptographic Storage', moduleCategory = 'Insecure Cryptographic Storage', moduleCategoryLangPointer = 'insecure.cryptographic.storage', moduleResult = 'base64isNotEncryptionBase64isEncodingBase64HidesNothingFromYou', incrementalRank = 46, scoreValue = 25, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '201ae6f8c55ba3f3b5881806387fbf34b15c30c2';
+UPDATE modules SET moduleName ='CSRF 1', moduleCategory = 'CSRF', moduleCategoryLangPointer = 'csrf', moduleResult = '7639c952a191d569a0c741843b599604c37e33f9f5d8eb07abf0254635320b07', incrementalRank = 106, scoreValue = 55, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '20e755179a5840be5503d42bb3711716235005ea';
+UPDATE modules SET moduleName ='Reverse Engineering', moduleCategory = 'Mobile Reverse Engineering', moduleCategoryLangPointer = 'mobile.reverse.engineering', moduleResult = 'DrumaDrumaDrumBoomBoom', incrementalRank = 75, scoreValue = 40, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '2ab09c0c18470ae5f87d219d019a1f603e66f944';
+UPDATE modules SET moduleName ='Insecure Direct Object Reference Challenge 1', moduleCategory = 'Insecure Direct Object References', moduleCategoryLangPointer = 'insecure.direct.object.references', moduleResult = 'dd6301b38b5ad9c54b85d07c087aebec89df8b8c769d4da084a55663e6186742', incrementalRank = 66, scoreValue = 35, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4';
+UPDATE modules SET moduleName ='Insecure Data Storage 1', moduleCategory = 'Mobile Insecure Data Storage', moduleCategoryLangPointer = 'mobile.insecure.data.storage', moduleResult = 'WarshipsAndWrenches', incrementalRank = 116, scoreValue = 60, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '307f78f18fd6a87e50ed6705231a9f24cd582574';
+UPDATE modules SET moduleName ='Client Side Injection', moduleCategory = 'Mobile Injection', moduleCategoryLangPointer = 'mobile.injection', moduleResult = 'VolcanicEruptionsAbruptInterruptions', incrementalRank = 87, scoreValue = 50, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '335440fef02d19259254ed88293b62f31cccdd41';
+UPDATE modules SET moduleName ='Session Management Challenge 7', moduleCategory = 'Session Management', moduleCategoryLangPointer = 'session.management', moduleResult = '9042eeaa8455f71deea31a5a32ae51e71477b1581c3612972902206ac51bb621', incrementalRank = 209, scoreValue = 110, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '368491877a0318e9a774ba5d648c33cb0165ba1e';
+UPDATE modules SET moduleName ='Poor Data Validation 2', moduleCategory = 'Poor Data Validation', moduleCategoryLangPointer = 'poor.data.validation', moduleResult = '05adf1e4afeb5550faf7edbec99170b40e79168ecb3a5da19943f05a3fe08c8e', incrementalRank = 157, scoreValue = 80, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3';
+UPDATE modules SET moduleName ='Broken Crypto 3', moduleCategory = 'Mobile Broken Crypto', moduleCategoryLangPointer = 'mobile.broken.crypto', moduleResult = 'ShaveTheSkies', incrementalRank = 180, scoreValue = 180, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '3b1af0ad239325bf494c6e606585320b31612e72';
+UPDATE modules SET moduleName ='Failure to Restrict URL Access 1', moduleCategory = 'Failure to Restrict URL Access', moduleCategoryLangPointer = 'failure.to.restrict.url.access', moduleResult = 'c776572b6a9d5b5c6e4aa672a4771213', incrementalRank = 76, scoreValue = 40, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '3d5b46abc6865ba09aaff98a8278a5f5e339abff';
+UPDATE modules SET moduleName ='Broken Crypto 1', moduleCategory = 'Mobile Broken Crypto', moduleCategoryLangPointer = 'mobile.broken.crypto', moduleResult = 'd1f2df53084b970ab538457f5af34c8b', incrementalRank = 117, scoreValue = 60, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '3f010a976bcbd6a37fba4a10e4a057acc80bdc09';
+UPDATE modules SET moduleName ='SQL Injection', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = '3c17f6bf34080979e0cebda5672e989c07ceec9fa4ee7b7c17c9e3ce26bc63e0', incrementalRank = 55, scoreValue = 30, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '408610f220b4f71f7261207a17055acbffb8a747';
+UPDATE modules SET moduleName ='Cross Site Request Forgery', moduleCategory = 'CSRF', moduleCategoryLangPointer = 'csrf', moduleResult = '666980771c29857b8a84c686751ce7edaae3d6ac1', incrementalRank = 78, scoreValue = 40, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '453d22238401e0bf6f1ff5d45996407e98e45b07';
+UPDATE modules SET moduleName ='Reverse Engineering 1', moduleCategory = 'Mobile Reverse Engineering', moduleCategoryLangPointer = 'mobile.reverse.engineering', moduleResult = 'christopherjenkins', incrementalRank = 85, scoreValue = 50, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '52885a3db5b09adc24f38bc453fe348f850649b3';
+UPDATE modules SET moduleName ='Failure to Restrict URL Access', moduleCategory = 'Failure to Restrict URL Access', moduleCategoryLangPointer = 'failure.to.restrict.url.access', moduleResult = 'f60d1337ac4d35cb67880a3adda79', incrementalRank = 25, scoreValue = 15, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a';
+UPDATE modules SET moduleName ='Insecure Data Storage', moduleCategory = 'Mobile Insecure Data Storage', moduleCategoryLangPointer = 'mobile.insecure.data.storage', moduleResult = 'Battery777', incrementalRank = 45, scoreValue = 25, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '53a53a66cb3bf3e4c665c442425ca90e29536edd';
+UPDATE modules SET moduleName ='SQL Injection 1', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = 'fd8e9a29dab791197115b58061b215594211e72c1680f1eacc50b0394133a09f', incrementalRank = 68, scoreValue = 35, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '544aa22d3dd16a8232b093848a6523b0712b23da';
+UPDATE modules SET moduleName ='Content Provider Leakage', moduleCategory = 'Mobile Content Providers', moduleCategoryLangPointer = 'mobile.content.providers', moduleResult = 'LazerLizardsFlamingWizards', incrementalRank = 79, scoreValue = 50, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a';
+UPDATE modules SET moduleName ='CSRF 3', moduleCategory = 'CSRF', moduleCategoryLangPointer = 'csrf', moduleResult = '6bdbe1901cbe2e2749f347efb9ec2be820cc9396db236970e384604d2d55b62a', incrementalRank = 137, scoreValue = 70, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '5ca9115f3279b9b9f3308eb6a59a4fcd374846d6';
+UPDATE modules SET moduleName ='SQL Injection 3', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = '9815 1547 3214 7569', incrementalRank = 135, scoreValue = 70, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e';
+UPDATE modules SET moduleName ='Security Misconfig Cookie Flag', moduleCategory = 'Security Misconfigurations', moduleCategoryLangPointer = 'security.misconfigurations', moduleResult = '92755de2ebb012e689caf8bfec629b1e237d23438427499b6bf0d7933f1b8215', incrementalRank = 208, scoreValue = 110, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '6158a695f20f9286d5f12ff3f4d42678f4a9740c';
+UPDATE modules SET moduleName ='Cross Site Scripting 3', moduleCategory = 'XSS', moduleCategoryLangPointer = 'xss', moduleResult = '6abaf491c9122db375533c04df', incrementalRank = 128, scoreValue = 65, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342';
+UPDATE modules SET moduleName ='Broken Crypto 2', moduleCategory = 'Mobile Broken Crypto', moduleCategoryLangPointer = 'mobile.broken.crypto', moduleResult = 'DancingRobotChilliSauce', incrementalRank = 149, scoreValue = 75, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '63bc4811a2e72a7c833962e5d47a41251cd90de3';
+UPDATE modules SET moduleName ='SQL Injection 7', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = '4637cae3d9b961fdff880d6d5ce4f69e91fe23db0aae7dcd4038e20ed8a287dc', incrementalRank = 210, scoreValue = 110, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '64070f5aec0593962a29a141110b9239d73cd7b3';
+UPDATE modules SET moduleName ='Poor Data Validation 1', moduleCategory = 'Poor Data Validation', moduleCategoryLangPointer = 'poor.data.validation', moduleResult = 'd30475881612685092e5ec469317dcc5ccc1f548a97bfdb041236b5bba7627bf', incrementalRank = 67, scoreValue = 35, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '6be5de81223cc1b38b6e427cc44f8b6a28d2bc96';
+UPDATE modules SET moduleName ='Session Management Challenge 8', moduleCategory = 'Session Management', moduleCategoryLangPointer = 'session.management', moduleResult = '11d84b0ad628bb6e99e0640ff1791a29a1938609829ef5bdccee92b2bccd2bcd', incrementalRank = 215, scoreValue = 115, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '7153290d128cfdef5f40742dbaeb129a36ac2340';
+UPDATE modules SET moduleName ='Insecure Direct Object Reference Challenge 2', moduleCategory = 'Insecure Direct Object References', moduleCategoryLangPointer = 'insecure.direct.object.references', moduleResult = '1f746b87a4e3628b90b1927de23f6077abdbbb64586d3ac9485625da21921a0f', incrementalRank = 127, scoreValue = 65, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '82e8e9e2941a06852b90c97087309b067aeb2c4c';
+UPDATE modules SET moduleName ='CSRF 7', moduleCategory = 'CSRF', moduleCategoryLangPointer = 'csrf', moduleResult = '849e1efbb0c1e870d17d32a3e1b18a8836514619146521fbec6623fce67b73e8', incrementalRank = 235, scoreValue = 120, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5';
+UPDATE modules SET moduleName ='Insecure Cryptographic Storage Challenge 1', moduleCategory = 'Insecure Cryptographic Storage', moduleCategoryLangPointer = 'insecure.cryptographic.storage', moduleResult = 'mylovelyhorserunningthroughthefieldwhereareyougoingwithyourbiga', incrementalRank = 65, scoreValue = 35, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '891a0208a95f1791287be721a4b851d4c584880a';
+UPDATE modules SET moduleName ='Session Management Challenge 6', moduleCategory = 'Session Management', moduleCategoryLangPointer = 'session.management', moduleResult = 'bb0eb566322d6b1f1dff388f5eee9929f6f1f9f5cac9eed266ef6e5053fe08e6', incrementalRank = 207, scoreValue = 110, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '9294ba32bdbd680e3260a0315cd98bf6ce8b69bd';
+UPDATE modules SET moduleName ='CSRF 2', moduleCategory = 'CSRF', moduleCategoryLangPointer = 'csrf', moduleResult = '45309dbaf8eaf6d1a5f1ecb1bf1b6be368a6542d3da35b9bf0224b88408dc001', incrementalRank = 136, scoreValue = 70, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '94cd2de560d89ef59fc450ecc647ff4d4a55c15d';
+UPDATE modules SET moduleName ='Broken Session Management', moduleCategory = 'Session Management', moduleCategoryLangPointer = 'session.management', moduleResult = '6594dec9ff7c4e60d9f8945ca0d4', incrementalRank = 16, scoreValue = 10, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = '9533e21e285621a676bec58fc089065dec1f59f5';
+UPDATE modules SET moduleName ='Reverse Engineering 3', moduleCategory = 'Mobile Reverse Engineering', moduleCategoryLangPointer = 'mobile.reverse.engineering', moduleResult = 'C1babd72225f0e9934YZ8', incrementalRank = 120, scoreValue = 76, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = '9e46e3c8bde42dc16b9131c0547eedbf265e8f16';
+UPDATE modules SET moduleName ='Client Side Injection 1', moduleCategory = 'Mobile Injection', moduleCategoryLangPointer = 'mobile.injection', moduleResult = 'SourHatsAndAngryCats', incrementalRank = 138, scoreValue = 70, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'a3f7ffd0f9c3d15564428d4df0b91bd927e4e5e4';
+UPDATE modules SET moduleName ='Session Management Challenge 1', moduleCategory = 'Session Management', moduleCategoryLangPointer = 'session.management', moduleResult = 'db7b1da5d7a43c7100a6f01bb0c', incrementalRank = 75, scoreValue = 40, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d';
+UPDATE modules SET moduleName ='SQL Injection 5', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = '343f2e424d5d7a2eff7f9ee5a5a72fd97d5a19ef7bff3ef2953e033ea32dd7ee', incrementalRank = 175, scoreValue = 90, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'a84bbf8737a9ca749d81d5226fc87e0c828138ee';
+UPDATE modules SET moduleName ='SQL Injection 6', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = '17f999a8b3fbfde54124d6e94b256a264652e5087b14622e1644c884f8a33f82', incrementalRank = 186, scoreValue = 95, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe';
+UPDATE modules SET moduleName ='Failure to Restrict URL Access 3', moduleCategory = 'Failure to Restrict URL Access', moduleCategoryLangPointer = 'failure.to.restrict.url.access', moduleResult = '8c1dbfdc7cad35a116535f76f21e448c6c7c0ebc395be2be80e5690e01adec18', incrementalRank = 206, scoreValue = 110, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'adc845f9624716eefabcc90d172bab4096fa2ac4';
+UPDATE modules SET moduleName ='Insecure Cryptographic Storage Challenge 3', moduleCategory = 'Insecure Cryptographic Storage', moduleCategoryLangPointer = 'insecure.cryptographic.storage', moduleResult = 'THISISTHESECURITYSHEPHERDABCENCRYPTIONKEY', incrementalRank = 148, scoreValue = 75, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'b3cfd5890649e6815a1c7107cc41d17c82826cfa';
+UPDATE modules SET moduleName ='Unvalidated Redirects and Forwards', moduleCategory = 'Unvalidated Redirects and Forwards', moduleCategoryLangPointer = 'unvalidated.redirects.and.forwards', moduleResult = '658c43abcf81a61ca5234cfd7a2', incrementalRank = 86, scoreValue = 45, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'b6432a6b5022cb044e9946315c44ab262ab59e88';
+UPDATE modules SET moduleName ='Session Management Challenge 2', moduleCategory = 'Session Management', moduleCategoryLangPointer = 'session.management', moduleResult = '4ba31e5ffe29de092fe1950422a', incrementalRank = 105, scoreValue = 55, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'b70a84f159876bb9885b6e0087d22f0a52abbfcf';
+UPDATE modules SET moduleName ='Poor Data Validation', moduleCategory = 'Poor Data Validation', moduleCategoryLangPointer = 'poor.data.validation', moduleResult = '6680b08b175c9f3d521764b41349fcbd3c0ad0a76655a10d42372ebccdfdb4bb', incrementalRank = 6, scoreValue = 10, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'b9d82aa7b46ddaddb6acfe470452a8362136a31e';
+UPDATE modules SET moduleName ='Poor Authentication 1', moduleCategory = 'Mobile Poor Authentication', moduleCategoryLangPointer = 'mobile.poor.authentication', moduleResult = 'MegaKillerExtremeCheese', incrementalRank = 160, scoreValue = 60, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c';
+UPDATE modules SET moduleName ='Security Misconfiguration', moduleCategory = 'Security Misconfigurations', moduleCategoryLangPointer = 'security.misconfigurations', moduleResult = '55b34717d014a5a355f6eced4386878fab0b2793e1d1dbfd23e6262cd510ea96', incrementalRank = 7, scoreValue = 10, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'bf847c4a8153d487d6ec36f4fca9b77749597c64';
+UPDATE modules SET moduleName ='Cross Site Scripting 6', moduleCategory = 'XSS', moduleCategoryLangPointer = 'xss', moduleResult = 'c13e42171dbd41a7020852ffdd3399b63a87f5', incrementalRank = 185, scoreValue = 95, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'c6841bcc326c4bad3a23cd4fa6391eb9bdb146ed';
+UPDATE modules SET moduleName ='SQL Injection Escaping', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = '0dcf9078ba5d878f9e23809ac8f013d1a08fdc8f12c5036f1a4746dbe86c0aac', incrementalRank = 99, scoreValue = 50, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'c685f8102ae0128c2ab342df64699bb8209a0839';
+UPDATE modules SET moduleName ='Failure to Restrict URL Access 2', moduleCategory = 'Failure to Restrict URL Access', moduleCategoryLangPointer = 'failure.to.restrict.url.access', moduleResult = '40b675e3d404c52b36abe31d05842b283975ec62e8', incrementalRank = 165, scoreValue = 85, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'c7ac1e05faa2d4b1016cfcc726e0689419662784';
+UPDATE modules SET moduleName ='Cross Site Scripting', moduleCategory = 'XSS', moduleCategoryLangPointer = 'xss', moduleResult = 'ea7b563b2935d8587539d747d', incrementalRank = 26, scoreValue = 15, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'ca8233e0398ecfa76f9e05a49d49f4a7ba390d07';
+UPDATE modules SET moduleName ='Insecure Data Storage 3', moduleCategory = 'Mobile Insecure Data Storage', moduleCategoryLangPointer = 'mobile.insecure.data.storage', moduleResult = 'c4ptainBrunch', incrementalRank = 130, scoreValue = 60, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'cb7d696bdf88899e8077063d911fc8da14176702';
+UPDATE modules SET moduleName ='Cross Site Scripting 1', moduleCategory = 'XSS', moduleCategoryLangPointer = 'xss', moduleResult = '445d0db4a8fc5d4acb164d022b', incrementalRank = 35, scoreValue = 20, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'cd7f70faed73d2457219b951e714ebe5775515d8';
+UPDATE modules SET moduleName ='Session Management Challenge 4', moduleCategory = 'Session Management', moduleCategoryLangPointer = 'session.management', moduleResult = '238a43b12dde07f39d14599a780ae90f87a23e', incrementalRank = 145, scoreValue = 75, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'ced925f8357a17cfe3225c6236df0f681b2447c4';
+UPDATE modules SET moduleName ='CSRF 4', moduleCategory = 'CSRF', moduleCategoryLangPointer = 'csrf', moduleResult = 'bb78f73c7efefec25e518c3a91d50d789b689c4515b453b6140a2e4e1823d203', incrementalRank = 139, scoreValue = 70, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'cfbf7b915ee56508ad46ab79878f37fd9afe0d27';
+UPDATE modules SET moduleName ='Cross Site Scripting 2', moduleCategory = 'XSS', moduleCategoryLangPointer = 'xss', moduleResult = '495ab8cc7fe9532c6a75d378de', incrementalRank = 119, scoreValue = 60, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'd4e2c37d8f1298fcaf4edcea7292cb76e9eab09b';
+UPDATE modules SET moduleName ='NoSQL Injection One', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = 'c09f32d4c3dd5b75f04108e5ffc9226cd8840288a62bdaf9dc65828ab6eaf86a', incrementalRank = 89, scoreValue = 45, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'd7eaeaa1cc4f218abd86d14eefa183a0f8eb6298';
+UPDATE modules SET moduleName ='Insecure Data Storage 2', moduleCategory = 'Mobile Insecure Data Storage', moduleCategoryLangPointer = 'mobile.insecure.data.storage', moduleResult = 'starfish123', incrementalRank = 129, scoreValue = 65, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'da3de2e556494a9c2fb7308a98454cf55f3a4911';
+UPDATE modules SET moduleName ='SQL Injection Stored Procedure', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = 'd9c5757c1c086d02d491cbe46a941ecde5a65d523de36ac1bfed8dd4dd9994c8', incrementalRank = 177, scoreValue = 90, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'dc89383763c68cba0aaa1c6f3fd4c17e9d49a805';
+UPDATE modules SET moduleName ='Insecure Direct Object Reference Bank', moduleCategory = 'Insecure Direct Object References', moduleCategoryLangPointer = 'insecure.direct.object.references', moduleResult = '4a1df02af317270f844b56edc0c29a09f3dd39faad3e2a23393606769b2dfa35', incrementalRank = 131, scoreValue = 60, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'de626470273c01388629e5a56ac6f17e2eef957b';
+UPDATE modules SET moduleName ='SQL Injection 4', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = 'd316e80045d50bdf8ed49d48f130b4acf4a878c82faef34daff8eb1b98763b6f', incrementalRank = 147, scoreValue = 75, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998';
+UPDATE modules SET moduleName ='Client Side Injection 2', moduleCategory = 'Mobile Injection', moduleCategoryLangPointer = 'mobile.injection', moduleResult = 'BurpingChimneys', incrementalRank = 155, scoreValue = 80, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'e635fce334aa61fdaa459c21c286d6332eddcdd3';
+UPDATE modules SET moduleName ='Session Management Challenge 5', moduleCategory = 'Session Management', moduleCategoryLangPointer = 'session.management', moduleResult = 'a15b8ea0b8a3374a1dedc326dfbe3dbae26', incrementalRank = 205, scoreValue = 110, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'ed732e695b85baca21d80966306a9ab5ec37477f';
+UPDATE modules SET moduleName ='Broken Crypto', moduleCategory = 'Mobile Broken Crypto', moduleCategoryLangPointer = 'mobile.broken.crypto', moduleResult = '33edeb397d665ed7d1a580f3148d4b2f', incrementalRank = 97, scoreValue = 50, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'ef6496892b8e48ac2f349cdd7c8ecb889fc982af';
+UPDATE modules SET moduleName ='Reverse Engineering 2', moduleCategory = 'Mobile Reverse Engineering', moduleCategoryLangPointer = 'mobile.reverse.engineering', moduleResult = 'FireStoneElectric', incrementalRank = 98, scoreValue = 50, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'f16bf2ab1c1bf400d36330f91e9ac6045edcd003';
+UPDATE modules SET moduleName ='Unintended Data Leakage 1', moduleCategory = 'Mobile Data Leakage', moduleCategoryLangPointer = 'mobile.data.leakage', moduleResult = 'BagsofSalsa', incrementalRank = 132, scoreValue = 60, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'f40b0cd5d45327c9426675313f581cf70c7c7c28';
+UPDATE modules SET moduleName ='SQL Injection 2', moduleCategory = 'Injection', moduleCategoryLangPointer = 'injection', moduleResult = 'f62abebf5658a6a44c5c9babc7865110c62f5ecd9d0a7052db48c4dbee0200e3', incrementalRank = 88, scoreValue = 45, scoreBonus = 5, hardcodedKey = 1 WHERE moduleId = 'f771a10efb42a79a9dba262fd2be2e44bf40b66d';
+UPDATE modules SET moduleName ='CSRF JSON', moduleCategory = 'CSRF', moduleCategoryLangPointer = 'csrf', moduleResult = 'f57f1377bd847a370d42e1410bfe48c9a3484e78d50e83f851b634fe77d41a6e', incrementalRank = 141, scoreValue = 70, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'fcc2558e0a23b8420e173cf8029876cb887408d3';
+UPDATE modules SET moduleName ='Cross Site Scripting 5', moduleCategory = 'XSS', moduleCategoryLangPointer = 'xss', moduleResult = '7d7cc278c30cca985ab027e9f9e09e2f759e5a3d1f63293', incrementalRank = 166, scoreValue = 85, scoreBonus = 5, hardcodedKey = 0 WHERE moduleId = 'fccf8e4d5372ee5a73af5f862dc810545d19b176';
 
 COMMIT;
 
+-- -----------------------------------------------------
+-- Cheat Sheets
+-- -----------------------------------------------------
+SELECT "Updating Module Cheat Sheets to v3.0" FROM DUAL;
+use core;
+DELETE FROM cheatsheet;
+COMMIT;
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('1ed105033900e462b26ca0685b00d98f59efcd93', '0dbea4cb5811fff0527184f99bd5034ca9286f11', '2012-02-10 10:11:53', '0dbea4cb5811fff0527184f99bd5034ca9286f11.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('286ac1acdd084193e940e6f56df5457ff05a9fe1', '453d22238401e0bf6f1ff5d45996407e98e45b07', '2012-02-10 10:11:53', '453d22238401e0bf6f1ff5d45996407e98e45b07.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('44a6af94f6f7a16cc92d84a936cb5c7825967b47', 'cd7f70faed73d2457219b951e714ebe5775515d8', '2012-02-10 10:11:53', 'cd7f70faed73d2457219b951e714ebe5775515d8.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('5487f2bf98beeb3aea66941ae8257a5e0bec38bd', '2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4', '2012-02-10 10:11:53', '2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('5eccb1b8b1c033bba8ef928089808751cbe6e1f8', '94cd2de560d89ef59fc450ecc647ff4d4a55c15d', '2012-02-10 10:11:53', '94cd2de560d89ef59fc450ecc647ff4d4a55c15d.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('6924e936f811e174f206d5432cf7510a270a18fa', 'b70a84f159876bb9885b6e0087d22f0a52abbfcf', '2012-02-10 10:11:53', 'b70a84f159876bb9885b6e0087d22f0a52abbfcf.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('7382ff2f7ee416bf0d37961ec54de32c502351de', 'a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d', '2012-02-10 10:11:53', 'a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('776ef847e16dde4b1d65a476918d2157f62f8c91', '5ca9115f3279b9b9f3308eb6a59a4fcd374846d6', '2012-02-10 10:11:53', '5ca9115f3279b9b9f3308eb6a59a4fcd374846d6.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('82c207a4e07cbfc54faec884be6db0524e74829e', '891a0208a95f1791287be721a4b851d4c584880a', '2012-02-10 10:11:53', '891a0208a95f1791287be721a4b851d4c584880a.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('860e5ed692c956c2ae6c4ba20c95313d9f5b0383', 'b6432a6b5022cb044e9946315c44ab262ab59e88', '2012-02-10 10:11:53', 'b6432a6b5022cb044e9946315c44ab262ab59e88.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('945b7dcdef1a36ded2ab008422396f8ba51c0630', 'd4e2c37d8f1298fcaf4edcea7292cb76e9eab09b', '2012-02-10 10:11:53', 'd4e2c37d8f1298fcaf4edcea7292cb76e9eab09b.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('97f946ed0bbda4f85e472321a256eacf2293239d', '20e755179a5840be5503d42bb3711716235005ea', '2012-02-10 10:11:53', '20e755179a5840be5503d42bb3711716235005ea.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('b8515347017439da4216c6f8d984326eb21652d0', '52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a', '2012-02-10 10:11:53', '52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('b921c6b7dc82648f0a0d07513f3eecb39b3ed064', 'ca8233e0398ecfa76f9e05a49d49f4a7ba390d07', '2012-02-10 10:11:53', 'ca8233e0398ecfa76f9e05a49d49f4a7ba390d07.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('ba4e0a2727561c41286aa850b89022c09e088b67', '0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e', '2012-02-10 10:11:53', '0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('bb94a8412d7bb95f84c73afa420ca57fbc917912', '9533e21e285621a676bec58fc089065dec1f59f5', '2012-02-10 10:11:53', '9533e21e285621a676bec58fc089065dec1f59f5.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('c0b869ff8a4cd1f388e5e6bdd6525d176175c296', '408610f220b4f71f7261207a17055acbffb8a747', '2012-02-10 10:11:53', '408610f220b4f71f7261207a17055acbffb8a747.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('c0ed3f81fc615f28a39ed2c23555cea074e513f0', '0709410108f91314fb6f7721df9b891351eb2fcc', '2012-02-10 10:11:53', '0709410108f91314fb6f7721df9b891351eb2fcc.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('d0a0742494656c79767864b2898247df4f37b728', '6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342', '2012-02-10 10:11:53', '6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('d51277769f9452b6508a3a22d9f52bea3b0ff84d', 'f771a10efb42a79a9dba262fd2be2e44bf40b66d', '2012-02-10 10:11:53', 'f771a10efb42a79a9dba262fd2be2e44bf40b66d.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('e7e44ba680b2ab1f6958b1344c9e43931b81164a', '5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e', '2012-02-10 10:11:53', '5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('f392e5a69475b14fbe5ae17639e174f379c0870e', '201ae6f8c55ba3f3b5881806387fbf34b15c30c2', '2012-02-10 10:11:53', '201ae6f8c55ba3f3b5881806387fbf34b15c30c2.solution');
+INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('6afa50948e10466e9a94c7c2b270b3f958e412c6', '82e8e9e2941a06852b90c97087309b067aeb2c4c', '2012-02-10 10:11:53', '82e8e9e2941a06852b90c97087309b067aeb2c4c.solution');
+CALL cheatSheetCreate('a84bbf8737a9ca749d81d5226fc87e0c828138ee', 'a84bbf8737a9ca749d81d5226fc87e0c828138ee.solution');
+CALL cheatSheetCreate('e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998', 'e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998.solution');
+CALL cheatSheetCreate('ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe', 'ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe.solution');
+CALL cheatSheetCreate('182f519ef2add981c77a584380f41875edc65a56', '182f519ef2add981c77a584380f41875edc65a56.solution'); 
+CALL cheatSheetCreate('fccf8e4d5372ee5a73af5f862dc810545d19b176', 'fccf8e4d5372ee5a73af5f862dc810545d19b176.solution'); 
+CALL cheatSheetCreate('0a37cb9296ff3763f7f3a45ff313bce47afa9384', '0a37cb9296ff3763f7f3a45ff313bce47afa9384.solution');
+CALL cheatSheetCreate('04a5bd8656fdeceac26e21ef6b04b90eaafbd7d5', '04a5bd8656fdeceac26e21ef6b04b90eaafbd7d5.solution');
+CALL cheatSheetCreate('853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5', '853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5.solution');
+CALL cheatSheetCreate('3d5b46abc6865ba09aaff98a8278a5f5e339abff', '3d5b46abc6865ba09aaff98a8278a5f5e339abff.solution');
+CALL cheatSheetCreate('c7ac1e05faa2d4b1016cfcc726e0689419662784', 'c7ac1e05faa2d4b1016cfcc726e0689419662784.solution');
+CALL cheatSheetCreate('b3cfd5890649e6815a1c7107cc41d17c82826cfa', 'b3cfd5890649e6815a1c7107cc41d17c82826cfa.solution');
+CALL cheatSheetCreate('ced925f8357a17cfe3225c6236df0f681b2447c4', 'ced925f8357a17cfe3225c6236df0f681b2447c4.solution');
+CALL cheatSheetCreate('c6841bcc326c4bad3a23cd4fa6391eb9bdb146ed', 'c6841bcc326c4bad3a23cd4fa6391eb9bdb146ed.solution');
+CALL cheatSheetCreate('53a53a66cb3bf3e4c665c442425ca90e29536edd', '53a53a66cb3bf3e4c665c442425ca90e29536edd.solution');
+CALL cheatSheetCreate('307f78f18fd6a87e50ed6705231a9f24cd582574', '307f78f18fd6a87e50ed6705231a9f24cd582574.solution');
+CALL cheatSheetCreate('da3de2e556494a9c2fb7308a98454cf55f3a4911', 'da3de2e556494a9c2fb7308a98454cf55f3a4911.solution');
+CALL cheatSheetCreate('335440fef02d19259254ed88293b62f31cccdd41', '335440fef02d19259254ed88293b62f31cccdd41.solution');
+CALL cheatSheetCreate('a3f7ffd0f9c3d15564428d4df0b91bd927e4e5e4', 'a3f7ffd0f9c3d15564428d4df0b91bd927e4e5e4.solution');
+CALL cheatSheetCreate('e635fce334aa61fdaa459c21c286d6332eddcdd3', 'e635fce334aa61fdaa459c21c286d6332eddcdd3.solution');
+CALL cheatSheetCreate('ef6496892b8e48ac2f349cdd7c8ecb889fc982af', 'ef6496892b8e48ac2f349cdd7c8ecb889fc982af.solution');
+CALL cheatSheetCreate('3f010a976bcbd6a37fba4a10e4a057acc80bdc09', '3f010a976bcbd6a37fba4a10e4a057acc80bdc09.solution');
+CALL cheatSheetCreate('63bc4811a2e72a7c833962e5d47a41251cd90de3', '63bc4811a2e72a7c833962e5d47a41251cd90de3.solution');
+CALL cheatSheetCreate('2ab09c0c18470ae5f87d219d019a1f603e66f944', '2ab09c0c18470ae5f87d219d019a1f603e66f944.solution');
+CALL cheatSheetCreate('f16bf2ab1c1bf400d36330f91e9ac6045edcd003', 'f16bf2ab1c1bf400d36330f91e9ac6045edcd003.solution');
+CALL cheatSheetCreate('9e46e3c8bde42dc16b9131c0547eedbf265e8f16', '9e46e3c8bde42dc16b9131c0547eedbf265e8f16.solution');
+CALL cheatSheetCreate('1506f22cd73d14d8a73e0ee32006f35d4f234799', '1506f22cd73d14d8a73e0ee32006f35d4f234799.solution');
+CALL cheatSheetCreate('ed732e695b85baca21d80966306a9ab5ec37477f', 'ed732e695b85baca21d80966306a9ab5ec37477f.solution');
+CALL cheatSheetCreate('cfbf7b915ee56508ad46ab79878f37fd9afe0d27', 'cfbf7b915ee56508ad46ab79878f37fd9afe0d27.solution');
+CALL cheatSheetCreate('9294ba32bdbd680e3260a0315cd98bf6ce8b69bd', '9294ba32bdbd680e3260a0315cd98bf6ce8b69bd.solution');
+CALL cheatSheetCreate('7153290d128cfdef5f40742dbaeb129a36ac2340', '7153290d128cfdef5f40742dbaeb129a36ac2340.solution');
+CALL cheatSheetCreate('145111e80400e4fd48bd3aa5aca382e9c5640793', '145111e80400e4fd48bd3aa5aca382e9c5640793.solution');
+CALL cheatSheetCreate('adc845f9624716eefabcc90d172bab4096fa2ac4', 'adc845f9624716eefabcc90d172bab4096fa2ac4.solution');
+CALL cheatSheetCreate('64070f5aec0593962a29a141110b9239d73cd7b3', '64070f5aec0593962a29a141110b9239d73cd7b3.solution');
+CALL cheatSheetCreate('1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9', '1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9.solution');
+CALL cheatSheetCreate('f40b0cd5d45327c9426675313f581cf70c7c7c28', 'f40b0cd5d45327c9426675313f581cf70c7c7c28.solution');
+CALL cheatSheetCreate('ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c', 'ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c.solution');
+CALL cheatSheetCreate('52885a3db5b09adc24f38bc453fe348f850649b3', '52885a3db5b09adc24f38bc453fe348f850649b3.solution');
+CALL cheatSheetCreate('3b1af0ad239325bf494c6e606585320b31612e72', '3b1af0ad239325bf494c6e606585320b31612e72.solution');
+CALL cheatSheetCreate('0cdd1549e7c74084d7059ce748b93ef657b44457', '0cdd1549e7c74084d7059ce748b93ef657b44457.solution');
+CALL cheatSheetCreate('368491877a0318e9a774ba5d648c33cb0165ba1e', '368491877a0318e9a774ba5d648c33cb0165ba1e.solution');
+CALL cheatSheetCreate('6be5de81223cc1b38b6e427cc44f8b6a28d2bc96', '6be5de81223cc1b38b6e427cc44f8b6a28d2bc96.solution');
+CALL cheatSheetCreate('3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3', '3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3.solution');
+CALL cheatSheetCreate('b9d82aa7b46ddaddb6acfe470452a8362136a31e', 'b9d82aa7b46ddaddb6acfe470452a8362136a31e.solution');
+CALL cheatSheetCreate('bf847c4a8153d487d6ec36f4fca9b77749597c64', 'bf847c4a8153d487d6ec36f4fca9b77749597c64.solution');
+CALL cheatSheetCreate('fcc2558e0a23b8420e173cf8029876cb887408d3', 'fcc2558e0a23b8420e173cf8029876cb887408d3.solution');
+CALL cheatSheetCreate('6158a695f20f9286d5f12ff3f4d42678f4a9740c', '6158a695f20f9286d5f12ff3f4d42678f4a9740c.solution');
+CALL cheatSheetCreate('de626470273c01388629e5a56ac6f17e2eef957b', 'de626470273c01388629e5a56ac6f17e2eef957b.solution');
+CALL cheatSheetCreate('dc89383763c68cba0aaa1c6f3fd4c17e9d49a805', 'dc89383763c68cba0aaa1c6f3fd4c17e9d49a805.solution');
+CALL cheatSheetCreate('5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a', '5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a.solution');
+CALL cheatSheetCreate('c685f8102ae0128c2ab342df64699bb8209a0839', 'c685f8102ae0128c2ab342df64699bb8209a0839.solution');
+CALL cheatSheetCreate('d7eaeaa1cc4f218abd86d14eefa183a0f8eb6298', 'd7eaeaa1cc4f218abd86d14eefa183a0f8eb6298.solution');
 
 -- -----------------------------------------------------
 -- procedure moduleCreate
 -- -----------------------------------------------------
-
+SELECT "Updating Procedures to V3.0" FROM DUAL;
 DROP PROCEDURE `core`.`moduleCreate`;
 
 DELIMITER $$
@@ -76,6 +248,53 @@ $$
 
 DELIMITER ;
 
+-- -----------------------------------------------------
+-- procedure moduleIncrementalInfo
+-- -----------------------------------------------------
+DROP PROCEDURE `core`.`moduleIncrementalInfo`;
+
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`moduleIncrementalInfo` (IN theUserId VARCHAR(64))
+BEGIN
+(SELECT moduleNameLangPointer, moduleCategory, moduleId, finishTime, incrementalRank FROM modules LEFT JOIN results USING (moduleId) WHERE userId = theUserId AND moduleStatus = 'open') UNION (SELECT moduleNameLangPointer, moduleCategory, moduleId, null, incrementalRank FROM modules WHERE moduleStatus = 'open' AND moduleId NOT IN (SELECT moduleId FROM modules JOIN results USING (moduleId) WHERE userId = theUserId)) ORDER BY incrementalRank;
+END
+
+$$
+
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- procedure userGetIdByName
+-- -----------------------------------------------------
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`userGetIdByName` (IN theUserName VARCHAR(64))
+BEGIN
+COMMIT;
+SELECT userId FROM users
+    WHERE userName = theUserName;
+END
+$$
+
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- procedure userClassId
+-- -----------------------------------------------------
+
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`userClassId` (IN theUserName VARCHAR(64))
+BEGIN
+COMMIT;
+SELECT classId FROM users
+    WHERE userName = theUserName;
+END
+$$
+
+DELIMITER ;
+
 -- -----------------------------------------------------
 -- procedure moduleAllInfo
 -- -----------------------------------------------------
@@ -131,85 +350,136 @@ $$
 DELIMITER ;
 
 COMMIT;
+
 -- -----------------------------------------------------
--- Cheat Sheets
+-- procedure userCreate
 -- -----------------------------------------------------
+DROP PROCEDURE `core`.`userCreate`;
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`userCreate` (IN theClassId VARCHAR(64), IN theUserName VARCHAR(32), IN theUserPass VARCHAR(512), IN theUserRole VARCHAR(32), IN theUserAddress VARCHAR(128), tempPass BOOLEAN)
+BEGIN
+    DECLARE theId VARCHAR(64);
+    DECLARE theClassCount INT;    
+    DECLARE theDate DATETIME;
 
-use core;
-DELETE FROM cheatsheet;
+    COMMIT;
+    SELECT NOW() FROM DUAL INTO theDate;
+    -- If (Valid User Type) AND (classId = null or (Valid Class Id)) Then create user
+    IF (theUserRole = 'player' OR theUserRole = 'admin') THEN
+        IF (theClassId != null) THEN
+            SELECT count(classId) FROM class
+                WHERE classId = theClassId
+                INTO theClassCount;
+            IF (theClassCount != 1) THEN
+                SELECT null FROM DUAL INTO theClassId;
+            END IF;
+        END IF;
+                
+        -- Increment sequence for users table
+        UPDATE sequence SET
+            currVal = currVal + 1
+            WHERE tableName = 'users';
+        COMMIT;
+        SELECT SHA(CONCAT(currVal, tableName, theDate)) FROM sequence
+            WHERE tableName = 'users'
+            INTO theId;
+        
+        -- Insert the values, badLoginCount and suspendedUntil Values will use the defaults defined by the table
+        INSERT INTO users (
+                userId,
+                classId,
+                userName,
+                userPass,
+                userRole,
+                userAddress,
+                tempPassword
+            ) VALUES (
+                theId,
+                theClassId,
+                theUserName,
+                SHA2(theUserPass, 512),
+                theUserRole,
+                theUserAddress,
+                tempPass
+            );
+        COMMIT;
+        SELECT null FROM DUAL;
+    ELSE
+        SELECT 'Invalid Role Type Detected' FROM DUAL;
+    END IF;
+END
+
+$$
+
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- procedure userPasswordChangeAdmin
+-- -----------------------------------------------------
+DROP PROCEDURE `core`.`userPasswordChangeAdmin`;
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`userPasswordChangeAdmin` (IN theUserId VARCHAR(64), IN newPassword VARCHAR(512))
+BEGIN
+DECLARE theDate DATETIME;
 COMMIT;
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('1ed105033900e462b26ca0685b00d98f59efcd93', '0dbea4cb5811fff0527184f99bd5034ca9286f11', '2012-02-10 10:11:53', '0dbea4cb5811fff0527184f99bd5034ca9286f11.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('286ac1acdd084193e940e6f56df5457ff05a9fe1', '453d22238401e0bf6f1ff5d45996407e98e45b07', '2012-02-10 10:11:53', '453d22238401e0bf6f1ff5d45996407e98e45b07.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('44a6af94f6f7a16cc92d84a936cb5c7825967b47', 'cd7f70faed73d2457219b951e714ebe5775515d8', '2012-02-10 10:11:53', 'cd7f70faed73d2457219b951e714ebe5775515d8.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('5487f2bf98beeb3aea66941ae8257a5e0bec38bd', '2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4', '2012-02-10 10:11:53', '2dc909fd89c2b03059b1512e7b54ce5d1aaa4bb4.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('5eccb1b8b1c033bba8ef928089808751cbe6e1f8', '94cd2de560d89ef59fc450ecc647ff4d4a55c15d', '2012-02-10 10:11:53', '94cd2de560d89ef59fc450ecc647ff4d4a55c15d.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('6924e936f811e174f206d5432cf7510a270a18fa', 'b70a84f159876bb9885b6e0087d22f0a52abbfcf', '2012-02-10 10:11:53', 'b70a84f159876bb9885b6e0087d22f0a52abbfcf.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('7382ff2f7ee416bf0d37961ec54de32c502351de', 'a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d', '2012-02-10 10:11:53', 'a4bf43f2ba5ced041b03d0b3f9fa3541c520d65d.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('776ef847e16dde4b1d65a476918d2157f62f8c91', '5ca9115f3279b9b9f3308eb6a59a4fcd374846d6', '2012-02-10 10:11:53', '5ca9115f3279b9b9f3308eb6a59a4fcd374846d6.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('82c207a4e07cbfc54faec884be6db0524e74829e', '891a0208a95f1791287be721a4b851d4c584880a', '2012-02-10 10:11:53', '891a0208a95f1791287be721a4b851d4c584880a.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('860e5ed692c956c2ae6c4ba20c95313d9f5b0383', 'b6432a6b5022cb044e9946315c44ab262ab59e88', '2012-02-10 10:11:53', 'b6432a6b5022cb044e9946315c44ab262ab59e88.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('945b7dcdef1a36ded2ab008422396f8ba51c0630', 'd4e2c37d8f1298fcaf4edcea7292cb76e9eab09b', '2012-02-10 10:11:53', 'd4e2c37d8f1298fcaf4edcea7292cb76e9eab09b.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('97f946ed0bbda4f85e472321a256eacf2293239d', '20e755179a5840be5503d42bb3711716235005ea', '2012-02-10 10:11:53', '20e755179a5840be5503d42bb3711716235005ea.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('af5959a242047ee87f728b87570a4e9ed9417e5e', '544aa22d3dd16a8232b093848a6523b0712b23da', '2012-02-10 10:11:53', '544aa22d3dd16a8232b093848a6523b0712b23da.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('b8515347017439da4216c6f8d984326eb21652d0', '52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a', '2012-02-10 10:11:53', '52c5394cdedfb2e95b3ad8b92d0d6c9d1370ea9a.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('b921c6b7dc82648f0a0d07513f3eecb39b3ed064', 'ca8233e0398ecfa76f9e05a49d49f4a7ba390d07', '2012-02-10 10:11:53', 'ca8233e0398ecfa76f9e05a49d49f4a7ba390d07.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('ba4e0a2727561c41286aa850b89022c09e088b67', '0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e', '2012-02-10 10:11:53', '0e9e650ffca2d1fe516c5d7b0ce5c32de9e53d1e.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('bb94a8412d7bb95f84c73afa420ca57fbc917912', '9533e21e285621a676bec58fc089065dec1f59f5', '2012-02-10 10:11:53', '9533e21e285621a676bec58fc089065dec1f59f5.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('c0b869ff8a4cd1f388e5e6bdd6525d176175c296', '408610f220b4f71f7261207a17055acbffb8a747', '2012-02-10 10:11:53', '408610f220b4f71f7261207a17055acbffb8a747.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('c0ed3f81fc615f28a39ed2c23555cea074e513f0', '0709410108f91314fb6f7721df9b891351eb2fcc', '2012-02-10 10:11:53', '0709410108f91314fb6f7721df9b891351eb2fcc.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('d0a0742494656c79767864b2898247df4f37b728', '6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342', '2012-02-10 10:11:53', '6319a2e38cc4b2dc9e6d840e1b81db11ee8e5342.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('d51277769f9452b6508a3a22d9f52bea3b0ff84d', 'f771a10efb42a79a9dba262fd2be2e44bf40b66d', '2012-02-10 10:11:53', 'f771a10efb42a79a9dba262fd2be2e44bf40b66d.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('e7e44ba680b2ab1f6958b1344c9e43931b81164a', '5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e', '2012-02-10 10:11:53', '5dda8dc216bd6a46fccaa4ed45d49404cdc1c82e.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('f392e5a69475b14fbe5ae17639e174f379c0870e', '201ae6f8c55ba3f3b5881806387fbf34b15c30c2', '2012-02-10 10:11:53', '201ae6f8c55ba3f3b5881806387fbf34b15c30c2.solution');
-INSERT INTO `core`.`cheatsheet` (`cheatSheetId`, `moduleId`, `createDate`, `solution`) VALUES ('6afa50948e10466e9a94c7c2b270b3f958e412c6', '82e8e9e2941a06852b90c97087309b067aeb2c4c', '2012-02-10 10:11:53', '82e8e9e2941a06852b90c97087309b067aeb2c4c.solution');
-CALL cheatSheetCreate('a84bbf8737a9ca749d81d5226fc87e0c828138ee', 'a84bbf8737a9ca749d81d5226fc87e0c828138ee.solution');
-CALL cheatSheetCreate('e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998', 'e0ba96bb4c8d4cd2e1ff0a10a0c82b5362edf998.solution');
-CALL cheatSheetCreate('ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe', 'ad332a32a6af1f005f9c8d1e98db264eb2ae5dfe.solution');
-CALL cheatSheetCreate('182f519ef2add981c77a584380f41875edc65a56', '182f519ef2add981c77a584380f41875edc65a56.solution'); 
-CALL cheatSheetCreate('fccf8e4d5372ee5a73af5f862dc810545d19b176', 'fccf8e4d5372ee5a73af5f862dc810545d19b176.solution'); 
-CALL cheatSheetCreate('0a37cb9296ff3763f7f3a45ff313bce47afa9384', '0a37cb9296ff3763f7f3a45ff313bce47afa9384.solution');
-CALL cheatSheetCreate('04a5bd8656fdeceac26e21ef6b04b90eaafbd7d5', '04a5bd8656fdeceac26e21ef6b04b90eaafbd7d5.solution');
-CALL cheatSheetCreate('853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5', '853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5.solution');
-CALL cheatSheetCreate('3d5b46abc6865ba09aaff98a8278a5f5e339abff', '3d5b46abc6865ba09aaff98a8278a5f5e339abff.solution');
-CALL cheatSheetCreate('c7ac1e05faa2d4b1016cfcc726e0689419662784', 'c7ac1e05faa2d4b1016cfcc726e0689419662784.solution');
-CALL cheatSheetCreate('b3cfd5890649e6815a1c7107cc41d17c82826cfa', 'b3cfd5890649e6815a1c7107cc41d17c82826cfa.solution');
-CALL cheatSheetCreate('ced925f8357a17cfe3225c6236df0f681b2447c4', 'ced925f8357a17cfe3225c6236df0f681b2447c4.solution');
-CALL cheatSheetCreate('c6841bcc326c4bad3a23cd4fa6391eb9bdb146ed', 'c6841bcc326c4bad3a23cd4fa6391eb9bdb146ed.solution');
-CALL cheatsheetCreate('53a53a66cb3bf3e4c665c442425ca90e29536edd', '53a53a66cb3bf3e4c665c442425ca90e29536edd.solution');
-CALL cheatsheetCreate('307f78f18fd6a87e50ed6705231a9f24cd582574', '307f78f18fd6a87e50ed6705231a9f24cd582574.solution');
-CALL cheatsheetCreate('da3de2e556494a9c2fb7308a98454cf55f3a4911', 'da3de2e556494a9c2fb7308a98454cf55f3a4911.solution');
-CALL cheatsheetCreate('335440fef02d19259254ed88293b62f31cccdd41', '335440fef02d19259254ed88293b62f31cccdd41.solution');
-CALL cheatsheetCreate('a3f7ffd0f9c3d15564428d4df0b91bd927e4e5e4', 'a3f7ffd0f9c3d15564428d4df0b91bd927e4e5e4.solution');
-CALL cheatsheetCreate('e635fce334aa61fdaa459c21c286d6332eddcdd3', 'e635fce334aa61fdaa459c21c286d6332eddcdd3.solution');
-CALL cheatsheetCreate('ef6496892b8e48ac2f349cdd7c8ecb889fc982af', 'ef6496892b8e48ac2f349cdd7c8ecb889fc982af.solution');
-CALL cheatsheetCreate('3f010a976bcbd6a37fba4a10e4a057acc80bdc09', '3f010a976bcbd6a37fba4a10e4a057acc80bdc09.solution');
-CALL cheatsheetCreate('63bc4811a2e72a7c833962e5d47a41251cd90de3', '63bc4811a2e72a7c833962e5d47a41251cd90de3.solution');
-CALL cheatsheetCreate('2ab09c0c18470ae5f87d219d019a1f603e66f944', '2ab09c0c18470ae5f87d219d019a1f603e66f944.solution');
-CALL cheatsheetCreate('f16bf2ab1c1bf400d36330f91e9ac6045edcd003', 'f16bf2ab1c1bf400d36330f91e9ac6045edcd003.solution');
-CALL cheatsheetCreate('9e46e3c8bde42dc16b9131c0547eedbf265e8f16', '9e46e3c8bde42dc16b9131c0547eedbf265e8f16.solution');
-CALL cheatsheetCreate('1506f22cd73d14d8a73e0ee32006f35d4f234799', '1506f22cd73d14d8a73e0ee32006f35d4f234799.solution');
-CALL cheatSheetCreate('ed732e695b85baca21d80966306a9ab5ec37477f', 'ed732e695b85baca21d80966306a9ab5ec37477f.solution');
-CALL cheatSheetCreate('cfbf7b915ee56508ad46ab79878f37fd9afe0d27', 'cfbf7b915ee56508ad46ab79878f37fd9afe0d27.solution');
-CALL cheatSheetCreate('9294ba32bdbd680e3260a0315cd98bf6ce8b69bd', '9294ba32bdbd680e3260a0315cd98bf6ce8b69bd.solution');
-CALL cheatSheetCreate('7153290d128cfdef5f40742dbaeb129a36ac2340', '7153290d128cfdef5f40742dbaeb129a36ac2340.solution');
-CALL cheatSheetCreate('145111e80400e4fd48bd3aa5aca382e9c5640793', '145111e80400e4fd48bd3aa5aca382e9c5640793.solution');
-CALL cheatSheetCreate('adc845f9624716eefabcc90d172bab4096fa2ac4', 'adc845f9624716eefabcc90d172bab4096fa2ac4.solution');
-CALL cheatSheetCreate('64070f5aec0593962a29a141110b9239d73cd7b3', '64070f5aec0593962a29a141110b9239d73cd7b3.solution');
-CALL cheatSheetCreate('1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9', '1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9.solution');
-CALL cheatSheetCreate('f40b0cd5d45327c9426675313f581cf70c7c7c28', 'f40b0cd5d45327c9426675313f581cf70c7c7c28.solution');
-CALL cheatSheetCreate('ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c', 'ba6e65e4881c8499b5e53eb33b5be6b5d0f1fb2c.solution');
-CALL cheatSheetCreate('52885a3db5b09adc24f38bc453fe348f850649b3', '52885a3db5b09adc24f38bc453fe348f850649b3.solution');
-CALL cheatSheetCreate('3b1af0ad239325bf494c6e606585320b31612e72', '3b1af0ad239325bf494c6e606585320b31612e72.solution');
-CALL cheatSheetCreate('0cdd1549e7c74084d7059ce748b93ef657b44457', '0cdd1549e7c74084d7059ce748b93ef657b44457.solution');
-CALL cheatSheetCreate('368491877a0318e9a774ba5d648c33cb0165ba1e', '368491877a0318e9a774ba5d648c33cb0165ba1e.solution');
-CALL cheatSheetCreate('6be5de81223cc1b38b6e427cc44f8b6a28d2bc96', '6be5de81223cc1b38b6e427cc44f8b6a28d2bc96.solution');
-CALL cheatSheetCreate('3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3', '3b14ca3c8f9b90c9b2c8cd1fba9fa67add1272a3.solution');
-CALL cheatSheetCreate('b9d82aa7b46ddaddb6acfe470452a8362136a31e', 'b9d82aa7b46ddaddb6acfe470452a8362136a31e.solution');
-CALL cheatSheetCreate('bf847c4a8153d487d6ec36f4fca9b77749597c64', 'bf847c4a8153d487d6ec36f4fca9b77749597c64.solution');
-CALL cheatSheetCreate('fcc2558e0a23b8420e173cf8029876cb887408d3', 'fcc2558e0a23b8420e173cf8029876cb887408d3.solution');
-CALL cheatSheetCreate('6158a695f20f9286d5f12ff3f4d42678f4a9740c', '6158a695f20f9286d5f12ff3f4d42678f4a9740c.solution');
-CALL cheatSheetCreate('de626470273c01388629e5a56ac6f17e2eef957b', 'de626470273c01388629e5a56ac6f17e2eef957b.solution');
-CALL cheatSheetCreate('dc89383763c68cba0aaa1c6f3fd4c17e9d49a805', 'dc89383763c68cba0aaa1c6f3fd4c17e9d49a805.solution');
-CALL cheatSheetCreate('5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a', '5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a.solution');
-CALL cheatSheetCreate('c685f8102ae0128c2ab342df64699bb8209a0839', 'c685f8102ae0128c2ab342df64699bb8209a0839.solution');
-CALL cheatSheetCreate('d7eaeaa1cc4f218abd86d14eefa183a0f8eb6298', 'd7eaeaa1cc4f218abd86d14eefa183a0f8eb6298.solution');
\ No newline at end of file
+SELECT NOW() FROM DUAL INTO theDate;
+UPDATE users SET
+    userPass = SHA2(newPassword, 512),
+    tempPassword = TRUE
+    WHERE userId = theUserId;
+COMMIT;
+END
+
+$$
+
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- procedure moduleGetNameLocale
+-- -----------------------------------------------------
+
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`moduleGetNameLocale` (IN theModuleId VARCHAR(64))
+BEGIN
+COMMIT;
+SELECT moduleNameLangPointer, moduleName FROM modules
+    WHERE moduleId = theModuleId;
+END
+
+$$
+
+DELIMITER ;
+
+-- -----------------------------------------------------
+-- procedure userGetIdByName
+-- -----------------------------------------------------
+
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`userGetIdByName` (IN theUserName VARCHAR(64))
+BEGIN
+COMMIT;
+SELECT userId FROM users
+    WHERE userName = theUserName;
+END
+$$
+
+DELIMITER ;
+-- -----------------------------------------------------
+-- procedure userClassId
+-- -----------------------------------------------------
+
+DELIMITER $$
+USE `core`$$
+CREATE PROCEDURE `core`.`userClassId` (IN theUserName VARCHAR(64))
+BEGIN
+COMMIT;
+SELECT classId FROM users
+    WHERE userName = theUserName;
+END
+$$
+
+DELIMITER ;
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/dbProcs/Database.java b/SecurityShepherdCore/src/dbProcs/Database.java
index d3ca07ef2..656ab6bb4 100644
--- a/SecurityShepherdCore/src/dbProcs/Database.java
+++ b/SecurityShepherdCore/src/dbProcs/Database.java
@@ -94,19 +94,24 @@ public static Connection getCoreConnection(String ApplicationRoot)
 	   Connection conn = null;
 	   try
 	   {
+		   //log.debug("Getting Prop File");
 		   //Pull Driver and DB URL out of database.properties
 		   String props = ApplicationRoot+"/WEB-INF/database.properties";
+		   //log.debug("Getting Driver");
 		   String DriverType = FileInputProperties.readfile(props, "DriverType");
+		   //log.debug("Getting Driver Instance");
 		   Class.forName(DriverType).newInstance();
 		   String connectionURL=FileInputProperties.readfile(props, "databaseConnectionURL");
 		   
 		   //Pull Schema, User name and Password from SqlInjLesson.properties
 		   props = ApplicationRoot+"/WEB-INF/coreDatabase.properties";
 		   
+		   //log.debug("Reading Prop File");
 		   connectionURL= connectionURL + FileInputProperties.readfile(props, "databaseConnectionURL");
 		   String username=FileInputProperties.readfile(props, "databaseUsername");
 		   String password=FileInputProperties.readfile(props, "databasePassword");
 		   
+		   //log.debug("Creating Connection to DB");
 		   conn = DriverManager.getConnection(connectionURL,username,password);
 	   }
 	   catch(Exception e)
diff --git a/SecurityShepherdCore/src/dbProcs/Getter.java b/SecurityShepherdCore/src/dbProcs/Getter.java
index bff1a2883..7ada15fd6 100644
--- a/SecurityShepherdCore/src/dbProcs/Getter.java
+++ b/SecurityShepherdCore/src/dbProcs/Getter.java
@@ -43,6 +43,20 @@ public class Getter
 	 * Used for scoreboards / progress bars
 	 */
 	private static int widthOfUnitBar = 11; //px
+	private static int fieldTrainingCap = 45;
+	
+	private static int privateCap = 80;
+	
+	private static int corporalCap = 105;
+	
+	private static int sergeantCap = 130;
+	
+	private static int lieutenantCap = 145;
+	
+	private static int majorCap = 175;
+	
+	private static int admiralCap = 999; //everything above Major is Admiral
+	
 	/**
 	 * This method hashes the user submitted password and sends it to the database.
 	 * The database does the rest of the work, including Brute Force prevention.
@@ -138,6 +152,7 @@ public static String[] authUser (String ApplicationRoot, String userName, String
 		catch (SQLException e) 
 		{
 			log.error("Login Failure: " + e.toString());
+			result = null;
 			//Lagging Response
 		}
 		Database.closeConnection(conn);
@@ -150,17 +165,17 @@ public static String[] authUser (String ApplicationRoot, String userName, String
 	 * @param ApplicationRoot The current running context of an application
 	 * @param moduleId The module identifier 
 	 * @param userId The user identifier
-	 * @return The result key of the module if the user has not completed the level. 
+	 * @return The module name of the module IF the user has not completed AND the user has previously opened the challenge. 
 	 */
 	public static String checkPlayerResult(String ApplicationRoot, String moduleId, String userId)
 	{
-		log.debug("*** Setter.checkPlayerResult ***");
+		log.debug("*** Getter.checkPlayerResult ***");
 		
 		String result = null;
 		Connection conn = Database.getCoreConnection(ApplicationRoot);
 		try
 		{
-			log.debug("Preparing userUpdateResult call");
+			log.debug("Preparing userCheckResult call");
 			CallableStatement callstmnt = conn.prepareCall("call userCheckResult(?, ?)");
 			callstmnt.setString(1, moduleId);
 			callstmnt.setString(2, userId);
@@ -179,45 +194,6 @@ public static String checkPlayerResult(String ApplicationRoot, String moduleId,
 		return result;
 	}
 	
-	/**
-	 * This method is used to determine if a CSRF level has been completed. A call is made to the DB that returns the CSRF counter for a level. If this counter is greater than 0, the level has been completed
-	 * @param applicationRoot Running context of the application
-	 * @param moduleHash Hash ID of the CSRF module you wish to check if a user has completed
-	 * @param userId the ID of the user to check
-	 * @return True or False value depicting if the user has completed the module
-	 */
-	public static boolean isCsrfLevelComplete (String applicationRoot, String moduleId, String userId)
-	{
-		log.debug("*** Setter.isCsrfLevelComplete ***");
-		
-		boolean result = false;
-		
-		Connection conn = Database.getCoreConnection(applicationRoot);
-		try
-		{
-			log.debug("Preparing csrfLevelComplete call");
-			CallableStatement callstmnt = conn.prepareCall("call csrfLevelComplete(?, ?)");
-			callstmnt.setString(1, moduleId);
-			callstmnt.setString(2, userId);
-			log.debug("moduleId: " + moduleId);
-			log.debug("userId: " + userId);
-			log.debug("Executing csrfLevelComplete");
-			ResultSet resultSet = callstmnt.executeQuery();
-			resultSet.next();
-			result = resultSet.getInt(1) > 0; // If Result is > 0, then the CSRF level is complete
-			if(result)
-				log.debug("CSRF Level is complete");
-		}
-		catch(SQLException e)
-		{
-			log.error("csrfLevelComplete Failure: " + e.toString());
-			result = false;
-		}
-		Database.closeConnection(conn);
-		log.debug("*** END isCsrfLevelComplete ***");
-		return result;
-	}
-	
 	/**
 	 * Used to decipher whether or not a user exists as a player
 	 * @param userId The user identifier of the player to be found
@@ -237,7 +213,7 @@ public static boolean findPlayerById (String ApplicationRoot, String userId)
 			ResultSet userFind = callstmt.executeQuery();
 			log.debug("Opening Result Set from playerFindById");
 			userFind.next(); //This will throw an exception if player not found
-			log.debug("Player Found"); //This line will not execute if player not found
+			log.debug("Player Found: " + userFind.getString(1)); //This line will not execute if player not found
 			userFound = true;
 		}
 		catch(Exception e)
@@ -395,7 +371,7 @@ public static int getClassCount(String ApplicationRoot)
 	
 	/**
 	 * @param ApplicationRoot The current running context of the application
-	 * @return Result set containing class information
+	 * @return Result set containing class info in the order classId, className and then classYear
 	 */
 	public static ResultSet getClassInfo(String ApplicationRoot)
 	{
@@ -421,7 +397,7 @@ public static ResultSet getClassInfo(String ApplicationRoot)
 	/**
 	 * @param ApplicationRoot The current running context of the application
 	 * @param classId The identifier of the class
-	 * @return Class information based on the classId parameter
+	 * @return String Array with Class information with the format of {name, year}
 	 */
 	public static String[] getClassInfo(String ApplicationRoot, String classId)
 	{
@@ -733,53 +709,7 @@ public static String getIncrementalModules (String ApplicationRoot, String userI
 			}
 			
 			//This is the script for menu interaction
-			output += "<script>" +
-		"$(\"#completedList\").click(function () {" +
-			"$(\"#theCompletedList\").toggle(\"slow\");" +
-			"$(\"#theUncompletedList\").hide(\"fast\");" +
-			"$(\"#theAdminList\").hide(\"fast\");" +
-		"});" +
-		"" +
-		"$(\"#uncompletedList\").click(function () {" +
-			"$(\"#theUncompletedList\").toggle(\"slow\");" +
-			"$(\"#theCompletedList\").hide(\"fast\");" +
-			"$(\"#theAdminList\").hide(\"fast\");" +
-		"});" +
-		"$(\".lesson\").click(function(){" +
-		"	var whatFile = $(this).attr('id');" +
-		"	$(\"#currentModule\").val(whatFile);" +
-		"	var theActualFile = \"\";" +
-		"	$(\"#solutionDiv\").hide(\"fast\");" +
-		"	$(\"#contentDiv\").slideUp(\"slow\", function(){" +
-		"		var ajaxCall = $.ajax({" +
-		"			type: \"POST\"," +
-		"			url: \"getModule\"," +
-		"			data: {" +
-		"				moduleId: whatFile," +
-		"				csrfToken: \""
-		+ encoder.encodeForHTML(csrfToken) +
-		"\"" +
-		"			}," +
-		"			async: false" +
-		"		});" +
-		"		if(ajaxCall.status == 200)" +
-		"		{" +
-		"			theActualFile = ajaxCall.responseText;" +
-		"			$('#contentDiv').html(\"<iframe frameborder='no' class='levelIframe' id='theLesson' src='\" + theActualFile + \"'></iframe>\");" +
-		"			$(\"#theLesson\").load(function(){" +
-		"				$(\"#submitResult\").slideDown(\"fast\", function(){" +
-		"					$(\"#contentDiv\").slideDown(\"slow\");" +
-		"				});" +
-		"			}).appendTo('#contentDiv');" +
-		"		}" +
-		"		else" +
-		"		{" +
-		"			$('#contentDiv').html(\"<p> " + bundle.getString("generic.text.sorryError") + ": \" + ajaxCall.status + \" \" + ajaxCall.statusText + \"</p>\");" +
-		"			$(\"#contentDiv\").slideDown(\"slow\");" +
-		"		}" +
-		"	});" +
-		"});" +
-		"</script>";
+			output += "<script>applyMenuButtonActionsCtfMode('" + encoder.encodeForHTML(csrfToken) + "', \"" + encoder.encodeForHTML(bundle.getString("generic.text.sorryError")) + "\");</script>";
 		}
 		catch(Exception e)
 		{
@@ -790,23 +720,122 @@ public static String getIncrementalModules (String ApplicationRoot, String userI
 		return output;
 	}
 	
+	/**
+	 * This method prepares the incremental module menu. This is when Security Shepherd is in "Game Mode".
+	 * Users are presented with one uncompleted module at a time. This method does not return the JS script describing how the menu used should work
+	 * @param ApplicationRoot The running context of the application.
+	 * @param userId The user identifier of the user.
+	 * @param csrfToken The cross site request forgery token
+	 * @return A HTML menu of a users current module progress and a script for interaction with this menu
+	 */
+	public static String getIncrementalModulesWithoutScript (String ApplicationRoot, String userId, String lang, String csrfToken)
+	{
+		log.debug("*** Getter.getIncrementalChallengesWithoutScript ***");
+		String output = new String();
+		Encoder encoder = ESAPI.encoder();
+		Connection conn = Database.getCoreConnection(ApplicationRoot);
+		
+		Locale.setDefault(new Locale("en"));
+		Locale locale = new Locale(lang);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.text", locale);
+		ResourceBundle levelNames = ResourceBundle.getBundle("i18n.moduleGenerics.moduleNames", locale);
+		
+		try
+		{
+			CallableStatement callstmt = conn.prepareCall("call moduleIncrementalInfo(?)");
+			callstmt.setString(1, userId);
+			log.debug("Gathering moduleIncrementalInfo ResultSet");
+			ResultSet modules = callstmt.executeQuery();
+			log.debug("Opening Result Set from moduleIncrementalInfo");
+			boolean lastRow = false;
+			boolean completedModules = false;
+			
+			
+			//Preparing first Category header; "Completed"
+			output = "<li><a id='completedList' href='javascript:;'><div class='menuButton'>" + bundle.getString("getter.button.completed") + "</div></a>\n" +
+				"<ul id='theCompletedList' style='display: none;' class='levelList'>";
+			
+			while(modules.next() && !lastRow)
+			{
+				//For each row, prepair the modules the users can select
+				if(modules.getString(4) != null) //If not Last Row
+				{
+					completedModules = true;
+					output += "<li>";
+					output += "<a class='lesson' id='" 
+						+ encoder.encodeForHTMLAttribute(modules.getString(3))
+						+ "' href='javascript:;'>" 
+						+ encoder.encodeForHTML(levelNames.getString(modules.getString(1))) 
+						+ "</a>";
+					output += "</li>";
+				}
+				else
+				{
+					lastRow = true;
+					//Last Row - Highlighed Next Challenge
+					if(completedModules)
+					{
+						output += "</ul></li><li>";
+					}
+					else
+					{
+						//NO completed modules, so dont show any...
+						output = new String();
+					}
+					
+					//Second category - Uncompleted
+					output += "<a class='lesson' id='" 
+						+ encoder.encodeForHTMLAttribute(modules.getString(3))
+						+ "' href='javascript:;'>" 
+						+ "<div class='menuButton'>" + bundle.getString("getter.button.nextChallenge")+ "</div>" 
+						+ "</a>";
+					output += "</li>";					
+				}
+			}
+			
+			if(!lastRow) //If true, then the user has completed all challenges
+			{
+				output += "<h2 id='uncompletedList'><a href='javascript:;'>" + bundle.getString("getter.button.finished") + "</a></h2>\n" +
+				"</li>";
+			}
+			if(output.isEmpty()) //If this method has gone so far without any output, create a error message
+			{
+				output = "<li><a href='javascript:;'>" + bundle.getString("getter.button.noModulesFound") + "</a></li>";
+			}
+			else //final tags to ensure valid HTML
+			{
+				log.debug("Appending End tags");
+				//output += "</ul></li>"; //Commented Out to prevent Search Box being pushed into Footer
+			}
+		}
+		catch(Exception e)
+		{
+			log.error("Challenge Retrieval: " + e.toString());
+		}
+		Database.closeConnection(conn);
+		log.debug("*** END getIncrementalChallengesWithoutScript() ***");
+		return output;
+	}
+	
 	/**
 	 * Use to return the current progress of a class in JSON format with information like userid, user name and score
 	 * @param applicationRoot The current running context of the application
 	 * @param classId The identifier of the class to use in lookup
-	 * @return A JSON representation of a class's progress in the application
+	 * @return A JSON representation of a class's score in the order {id, username, userTitle, score, scale, place, order, 
+	 * goldmedalcount, goldDisplay, silverMedalCount, silverDisplay, bronzeDisplay, bronzeMedalCount}
 	 */
 	@SuppressWarnings("unchecked")
 	public static String getJsonScore(String applicationRoot, String classId) 
 	{
+		log.debug("classId: " + classId);
 		String result = new String();
-		Encoder encoder = ESAPI.encoder();
 		Connection conn = Database.getCoreConnection(applicationRoot);
 		try
 		{
+			Encoder encoder = ESAPI.encoder();
 			//Returns User's: Name, # of Completed modules and Score
 			CallableStatement callstmnt = null;
-			if(ScoreboardStatus.getScoreboardClass().isEmpty())
+			if(ScoreboardStatus.getScoreboardClass().isEmpty() && !ScoreboardStatus.isClassSpecificScoreboard())
 				callstmnt = conn.prepareCall("call totalScoreboard()"); //Open Scoreboard not based on a class
 			else
 			{
@@ -954,7 +983,7 @@ public static String getJsonScore(String applicationRoot, String classId)
 	 * Used to gather a menu of lessons for a user, including markers for each lesson they have completed or not completed
 	 * @param ApplicationRoot The current running context of the application
 	 * @param userId Identifier of the user
-	 * @return HTML lesson menu.
+	 * @return HTML lesson menu for Open Floor Plan.
 	 */
 	public static String getLessons (String ApplicationRoot, String userId, Locale lang)
 	{
@@ -1051,6 +1080,8 @@ public static String getModuleAddress (String ApplicationRoot, String moduleId,
 		catch(Exception e)
 		{
 			log.error("Module Hash Retrieval: " + e.toString());
+			log.error("moduleID = " + moduleId);
+			log.error("userID = " + userId);
 		}
 		Database.closeConnection(conn);
 		log.debug("*** END getModuleAddress() ***");
@@ -1115,7 +1146,6 @@ public static String getModuleHash(String applicationRoot, String moduleId)
 		log.debug("*** END getModuleHash ***");
 		return result;
 	}
-	
 	/**
 	 * Convert module hash to ID
 	 * @param ApplicationRoot The current running context of the application
@@ -1181,10 +1211,41 @@ public static boolean getModuleKeyType (String ApplicationRoot, String moduleId)
 		return theKeyType;
 	}
 	
+	/**
+	 * This method retrieves the i18n local key for a module's name.
+	 * @param applicationRoot Application Running Context
+	 * @param moduleId ID of the module to lookup
+	 * @return Locale key for the Module's Name.
+	 */
+	public static String getModuleNameLocaleKey(String applicationRoot, String moduleId) 
+	{
+		log.debug("*** Getter.getModuleNameLocaleKey ***");
+		String result = new String();
+		Connection conn = Database.getCoreConnection(applicationRoot);
+		try
+		{
+			CallableStatement callstmt = conn.prepareCall("call moduleGetNameLocale(?)");
+			log.debug("Gathering moduleGetNameLocale ResultSet");
+			callstmt.setString(1, moduleId);
+			ResultSet resultSet = callstmt.executeQuery();
+			log.debug("Opening Result Set from moduleGetNameLocale");
+			resultSet.next();
+			result = resultSet.getString(1);
+		}
+		catch (SQLException e)
+		{
+			log.error("Could not execute moduleGetNameLocale: " + e.toString());
+			result = null;
+		}
+		Database.closeConnection(conn);
+		log.debug("*** END getModuleNameLocaleKey ***");
+		return result;
+	}
+	
 	/**
 	 * @param ApplicationRoot The current running context of the application
 	 * @param moduleId Identifier of module
-	 * @return The solution key for a module
+	 * @return The db stored solution key value for the moduleId submitted
 	 */
 	public static String getModuleResult (String ApplicationRoot, String moduleId)
 	{
@@ -1216,7 +1277,7 @@ public static String getModuleResult (String ApplicationRoot, String moduleId)
 	 * Returns the result key for a module using the module's hash for the lookup procedure.
 	 * @param ApplicationRoot The current running context of the application
 	 * @param moduleHash The hash to use for module look up
-	 * @return
+	 * @return The db stored solution key value for the moduleHash submited
 	 */
 	public static String getModuleResultFromHash (String ApplicationRoot, String moduleHash)
 	{
@@ -1283,7 +1344,7 @@ public static String getModulesInOptionTags (String ApplicationRoot)
 	 * Used in creating functionality that requires a user to select a module. 
 	 * This method only prepares the option tags for this type of input. It must still be wrapped in select tags.
 	 * @param ApplicationRoot The current running context of the application
-	 * @return All modules in HTML option tags
+	 * @return All modules in HTML option tags ordered by incrementalRank
 	 */
 	public static String getModulesInOptionTagsCTF (String ApplicationRoot)
 	{
@@ -1317,7 +1378,8 @@ public static String getModulesInOptionTagsCTF (String ApplicationRoot)
 	 * Used to return a module cheat sheet
 	 * @param ApplicationRoot The current running context of the application
 	 * @param moduleId The identifier of the module to return the cheat sheet for
-	 * @return Module cheat sheet
+	 * @param lang The Locale the user has enabled
+	 * @return String[] containing {ModuleName, CheatSheetSolution}
 	 */
 	public static String[] getModuleSolution (String ApplicationRoot, String moduleId, Locale lang)
 	{
@@ -1334,7 +1396,7 @@ public static String[] getModuleSolution (String ApplicationRoot, String moduleI
 			ResultSet resultSet = callstmt.executeQuery();
 			log.debug("Opening Result Set from cheatSheetGetSolution");
 			resultSet.next();
-			result[0] = resultSet.getString(1);//TODO investigate translation
+			result[0] = resultSet.getString(1);
 			result[1] = bundle.getString(resultSet.getString(2));
 			
 		}
@@ -1349,11 +1411,10 @@ public static String[] getModuleSolution (String ApplicationRoot, String moduleI
 	}
 	
 	/**
-	 * This method returns the modules with open and closed in different &lt;select&gt; elements for administration manipulation
-	 * @param ApplicationRoot
-	 * @param userId
-	 * @param csrfToken
-	 * @return
+	 * This method returns modules in option tags in different &lt;select&gt; elements depending on their current open/closed status. 
+	 * The output assumes it is contained in a table context
+	 * @param ApplicationRoot The Running Context of the Application
+	 * @return Tr/td elements containing a moduleStatusMenu that has lists of the current open and closed modules
 	 */
 	public static String getModuleStatusMenu (String ApplicationRoot)
 	{
@@ -1399,13 +1460,10 @@ public static String getModuleStatusMenu (String ApplicationRoot)
 		Database.closeConnection(conn);
 		return output;
 	}
-	
 	/**
-	 * This method returns the module categories to open or closed in a &lt;select&gt; element for administration manipulation
+	 * This method returns the module categories in option tags that are to be open or closed in a &lt;select&gt; element for administration manipulation
 	 * @param ApplicationRoot
-	 * @param userId
-	 * @param csrfToken
-	 * @return
+	 * @return Module Category List for Html (&lt;SELECT&gt; element)
 	 */
 	public static String getOpenCloseCategoryMenu (String ApplicationRoot)
 	{
@@ -1436,14 +1494,13 @@ public static String getOpenCloseCategoryMenu (String ApplicationRoot)
 		Database.closeConnection(conn);
 		return output;
 	}
-	
 	/**
 	 * This method is used to gather users according by class. Thanks to MySQL syntax, where class = null will return nothing, is null must be used.
 	 *  <br/>is 'validClass' will Error, = 'validclass' must be used.<br/>
 	 * So there are two procedures this method calls. One that handles null classes, one that does not
 	 * @param ClassId Identifier of class
 	 * @param ApplicationRoot The current running context of the application
-	 * @return ResultSet that contains users for the selected class
+	 * @return ResultSet that contains users for the selected class in the formate {userId, userName, userAddress}
 	 */
 	public static ResultSet getPlayersByClass(String ApplicationRoot, String classId)
 	{
@@ -1479,7 +1536,6 @@ public static ResultSet getPlayersByClass(String ApplicationRoot, String classId
 		log.debug("*** END getPlayersByClass");
 		return result;
 	}
-	
 	/**
 	 * Used to present the progress of a class in a series of loading bars
 	 * @param applicationRoot The current running context of the application
@@ -1530,7 +1586,6 @@ public static String getProgress(String applicationRoot, String classId)
 		log.debug("*** END getProgress ***");
 		return result;
 	}
-	
 	/**
 	 * Use to return the current progress of a class in JSON format with information like user name, score and completed modules
 	 * @param applicationRoot The current running context of the application
@@ -1588,7 +1643,25 @@ public static String getProgressJSON(String applicationRoot, String classId)
 		log.debug("*** END getProgressJSON ***");
 		return result;
 	}
-	
+	private static int getTounnamentSectionFromRankNumber (int rankNumber)
+	{
+		if(rankNumber < fieldTrainingCap)
+			return 1;
+		else if (rankNumber < privateCap)
+			return 2;
+		else if (rankNumber < corporalCap)
+			return 3;
+		else if (rankNumber < sergeantCap)
+			return 4;
+		else if (rankNumber < lieutenantCap)
+			return 5;
+		else if (rankNumber < majorCap)
+			return 6;
+		else if (rankNumber < admiralCap)
+			return 7;
+		else
+			return 7; //Max level is 7.
+	}
 	/**
 	 * This method prepares the Tournament module menu. This is when Security Shepherd is in "Tournament Mode".
 	 * Users are presented with a list of that are specified as open. 
@@ -1713,32 +1786,65 @@ public static String getTournamentModules (String ApplicationRoot, String userId
 		Database.closeConnection(conn);
 		return levelMasterList;
 	}
+	/**
+	 * @param ApplicationRoot The current running context of the application
+	 * @param userName The username of the user
+	 * @return The class id of the submitted user name
+	 */
+	public static String getUserClassFromName (String ApplicationRoot, String userName)
+	{
+		log.debug("*** Getter.getUserClass ***");
+		String result = new String();
+		Connection conn = Database.getCoreConnection(ApplicationRoot);
+		try
+		{
+			CallableStatement callstmt = conn.prepareCall("call userClassId(?)");
+			log.debug("Gathering userClassId ResultSet");
+			callstmt.setString(1, userName);
+			ResultSet resultSet = callstmt.executeQuery();
+			log.debug("Opening Result Set from userClassId");
+			resultSet.next();
+			result = resultSet.getString(1);
+			log.debug("Found " + result);
+		}
+		catch (SQLException e)
+		{
+			log.error("Could not execute userClassId: " + e.toString());
+			result = new String();
+		}
+		Database.closeConnection(conn);
+		log.debug("*** END getUserClass ***");
+		return result;
+	}
 	
-	private static int fieldTrainingCap = 45;
-	private static int privateCap = 80;
-	private static int corporalCap = 105;
-	private static int sergeantCap = 130;
-	private static int lieutenantCap = 145;
-	private static int majorCap = 175;
-	private static int admiralCap = 999; //everything above Major is Admiral
-	private static int getTounnamentSectionFromRankNumber (int rankNumber)
+	/**
+	 * @param ApplicationRoot The current running context of the application
+	 * @param userName The username of the user
+	 * @return The user id of the submitted user name
+	 */
+	public static String getUserIdFromName (String ApplicationRoot, String userName)
 	{
-		if(rankNumber < fieldTrainingCap)
-			return 1;
-		else if (rankNumber < privateCap)
-			return 2;
-		else if (rankNumber < corporalCap)
-			return 3;
-		else if (rankNumber < sergeantCap)
-			return 4;
-		else if (rankNumber < lieutenantCap)
-			return 5;
-		else if (rankNumber < majorCap)
-			return 6;
-		else if (rankNumber < admiralCap)
-			return 7;
-		else
-			return 7; //Max level is 7.
+		log.debug("*** Getter.getUserIdFromName ***");
+		String result = new String();
+		Connection conn = Database.getCoreConnection(ApplicationRoot);
+		try
+		{
+			CallableStatement callstmt = conn.prepareCall("call userGetIdByName(?)");
+			log.debug("Gathering userGetIdByName ResultSet");
+			callstmt.setString(1, userName);
+			ResultSet resultSet = callstmt.executeQuery();
+			log.debug("Opening Result Set from userGetIdByName");
+			resultSet.next();
+			result = resultSet.getString(1);
+		}
+		catch (SQLException e)
+		{
+			log.error("Could not execute query: " + e.toString());
+			result = null;
+		}
+		Database.closeConnection(conn);
+		log.debug("*** END getUserIdFromName ***");
+		return result;
 	}
 	
 	/**
@@ -1772,32 +1878,43 @@ public static String getUserName (String ApplicationRoot, String userId)
 	}
 	
 	/**
-	 * Used by authentication to check if account is locked before continuing with authentication process.
-	 * @param ApplicationRoot The current running context of the application
-	 * @param userName The userName to use for check
-	 * @return A boolean value of if the user account is locked
+	 * This method is used to determine if a CSRF level has been completed. 
+	 * A call is made to the DB that returns the CSRF counter for a level. 
+	 * If this counter is greater than 0, the level has been completed
+	 * @param applicationRoot Running context of the application
+	 * @param moduleHash Hash ID of the CSRF module you wish to check if a user has completed
+	 * @param userId the ID of the user to check
+	 * @return True or False value depicting if the user has completed the module
 	 */
-	public static boolean isUserLocked (String ApplicationRoot, String userName)
+	public static boolean isCsrfLevelComplete (String applicationRoot, String moduleId, String userId)
 	{
-		log.debug("*** Getter.isUserLocked ***");
-		boolean result = true;
-		Connection conn = Database.getCoreConnection(ApplicationRoot);
+		log.debug("*** Setter.isCsrfLevelComplete ***");
+		
+		boolean result = false;
+		
+		Connection conn = Database.getCoreConnection(applicationRoot);
 		try
 		{
-			CallableStatement callstmt = conn.prepareCall("call userLocked(?)");
-			log.debug("Gathering userLocked ResultSet");
-			callstmt.setString(1, userName);
-			ResultSet userLocked = callstmt.executeQuery();
-			log.debug("Opening Result Set from userLocked");
-			userLocked.next();
-			result = !userLocked.getString(1).equalsIgnoreCase(userName);
+			log.debug("Preparing csrfLevelComplete call");
+			CallableStatement callstmnt = conn.prepareCall("call csrfLevelComplete(?, ?)");
+			callstmnt.setString(1, moduleId);
+			callstmnt.setString(2, userId);
+			log.debug("moduleId: " + moduleId);
+			log.debug("userId: " + userId);
+			log.debug("Executing csrfLevelComplete");
+			ResultSet resultSet = callstmnt.executeQuery();
+			resultSet.next();
+			result = resultSet.getInt(1) > 0; // If Result is > 0, then the CSRF level is complete
+			if(result)
+				log.debug("CSRF Level is complete");
 		}
-		catch (SQLException e)
+		catch(SQLException e)
 		{
-			log.error("Could not execute query: " + e.toString());
+			log.error("csrfLevelComplete Failure: " + e.toString());
+			result = false;
 		}
 		Database.closeConnection(conn);
-		log.debug("*** END isUserLocked ***");
+		log.debug("*** END isCsrfLevelComplete ***");
 		return result;
 	}
 }
diff --git a/SecurityShepherdCore/src/dbProcs/Setter.java b/SecurityShepherdCore/src/dbProcs/Setter.java
index 9f5d36a4f..8727bfa36 100644
--- a/SecurityShepherdCore/src/dbProcs/Setter.java
+++ b/SecurityShepherdCore/src/dbProcs/Setter.java
@@ -11,10 +11,6 @@
 import java.sql.SQLException;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
-import org.owasp.esapi.codecs.Codec;
-import org.owasp.esapi.codecs.MySQLCodec;
 
 /**
  * Used to add information to the Database
@@ -97,162 +93,6 @@ public static boolean closeAllModules (String ApplicationRoot)
 		return result;
 	}
 	
-	/**
-	 * Used to create a new module entry in the core database. The database will handle creating the new module identifier and module hash.
-	 * The module has will be returned form the database, and if it does not start will a letter, the application will update the database to reflect a hash starting with a letter, without sacrificing the uniqueness of the hash
-	 * @param applicationRoot The current running context of the application
-	 * @param challengeName The name of the module to create
-	 * @param challengeType The type of module to create
-	 * @param challengeCategory The category of the new challenge
-	 * @param challengeSolution The solution of the new challenge
-	 * @param isUserSpecificKey Is the Key for this level a user specific key or is it hard coded
-	 * @return The new module identifier
-	 */
-	public static String createModule(String applicationRoot, String challengeName, String challengeType, String challengeCategory, String challengeSolution, boolean isUserSpecificKey) 
-	{
-		log.debug("*** Setter.createModule ***");
-		String moduleId = null;
-		Connection conn = Database.getCoreConnection(applicationRoot);
-		try
-		{
-			CallableStatement callstmt = conn.prepareCall("call moduleCreate(?, ?, ?, ?, ?)");
-			log.debug("Preparing moduleCreate procedure");
-			callstmt.setString(1, challengeName);
-			callstmt.setString(2, challengeType);
-			callstmt.setString(3, challengeCategory);
-			callstmt.setString(4, challengeSolution);
-			callstmt.setBoolean(5, isUserSpecificKey);
-			ResultSet resultSet = callstmt.executeQuery();
-			log.debug("Retrieving new moduleId");
-			//moduleCreate should return the new modules ID
-			resultSet.next();
-			moduleId = resultSet.getString(1);
-			log.debug("Returning: " + moduleId);
-			
-			//Ensuring module hash is Java friendly (starts with letter... For expanding framework in future work!
-			String theHash = resultSet.getString(2);
-			String firstChar = theHash.substring(0, 1);
-			try
-			{
-				//Cast char to int, if it works then if must be changed to a letter!
-				Integer theFirst = Integer.parseInt(firstChar);
-				//First char must be changed to a letter, but it canot be in the hash range a - f, to ensure that the hashes remain unique
-				switch(theFirst)
-				{
-				case 1:
-					firstChar = "o";
-					break;
-				case 2:
-					firstChar = "w";
-					break;
-				case 3:
-					firstChar = "r";
-					break;
-				case 4:
-					firstChar = "u";
-					break;
-				case 5:
-					firstChar = "i";
-					break;
-				case 6:
-					firstChar = "x";
-					break;
-				case 7:
-					firstChar = "v";
-					break;
-				case 8:
-					firstChar = "q";
-					break;
-				case 9:
-					firstChar = "y";
-					break;	
-				case 0:
-					firstChar = "z";
-					break;
-				}
-				theHash = firstChar + theHash.substring(1);
-				log.debug("hash Change suggestion: " + theHash);
-				PreparedStatement prepStat = conn.prepareStatement("UPDATE modules SET moduleHash = ? WHERE moduleId = ?");
-				prepStat.setString(1, theHash);
-				prepStat.setString(2, moduleId);
-				log.debug("Updating moduleHash to class friendly Name");
-				prepStat.execute();
-			}
-			catch(Exception e)
-			{
-				log.debug("Error Occurred: " + e.toString());
-			}
-			log.debug("moduleHash: " + theHash);
-		}
-		catch (SQLException e)
-		{
-			log.error("Could not execute cheatSheetCreate: " + e.toString());
-		}
-		Database.closeConnection(conn);
-		log.debug("*** END createModule ***");
-		return moduleId;
-	}
-	
-	/**
-	 * Used by the challenge builder to create a new schema on the vulnerable database server.
-	 * @param conn Connection to the vulnerable database server
-	 * @param challengeName The name of the challenge been created by the builder
-	 * @param tableName The name of the table to create in the vulnerable schema
-	 * @param attrib An array of attributes to use when creating the schema's table 
-	 * @param attribAmount The amount of attributes been created in the table
-	 * @return The new schema's name if successful
-	 * @throws SQLException Throws this exception if there is an error creating the vulnerable schema
-	 */
-	@SuppressWarnings("deprecation")
-	public static String createVulnerableSchema(Connection conn, String challengeName, String tableName, String[] attrib, int attribAmount) 
-	throws SQLException
-	{
-		String schemaName = new String();
-		log.debug("*** Setter.createVulnerableSchema ***");
-		Encoder encoder = ESAPI.encoder();
-		Codec mySql = new MySQLCodec(MySQLCodec.MYSQL_MODE);
-		try
-		{
-			//Preparing schema, table and attribute names
-			schemaName = "schema_" + encoder.encodeForSQL(mySql, challengeName.trim().toLowerCase().replaceAll(" ", ""));
-			String theTable = "tb_" + encoder.encodeForSQL(mySql, tableName);
-			for(int i = 0; i < 5; i++)
-			{
-				attrib[i] = "at_" + encoder.encodeForSQL(mySql, attrib[i]);
-				log.debug("attrib[" + i + "] = " + attrib[i]);
-			}
-			log.debug("Creating Challenge Schema: " + schemaName);
-			
-			//Not Parametrising, because parametrising sticks ' around the parameter. Which is invalid syntax for CREATE SCHEMA. So Encoding for Mysql should also prevent SQL injection
-			PreparedStatement prepStat = conn.prepareStatement("CREATE SCHEMA IF NOT EXISTS " + schemaName);
-			log.debug("Preparing Statement... CREATE SCHEMA IF NOT EXISTS " + schemaName);
-			prepStat.execute();
-			
-			log.debug("Creating Schema Table");
-			//Preparing sql String
-			String sql = "CREATE TABLE IF NOT EXISTS " + schemaName + "." + theTable + " (id INT NOT NULL AUTO_INCREMENT, ";
-			for(int i = 0; i < 5; i++)
-				sql += attrib[i] + " VARCHAR(64) NOT NULL, ";
-			sql += "PRIMARY KEY (id))ENGINE = InnoDB; ";
-			log.debug("Preparing Execution");
-			prepStat = conn.prepareStatement(sql);
-			prepStat.execute();
-			log.debug("Table Created");
-			
-			log.debug("Committing Changes");
-			prepStat = conn.prepareStatement("COMMIT;");
-			prepStat.execute();
-		}
-		catch (SQLException e)
-		{
-			schemaName = null;
-			log.error("Could not create schema: " + e.toString());
-			throw e;
-		}
-		log.debug("*** END Setter.createVulnerableSchema ***");
-		return schemaName;
-	}
-	
 	/**
 	 * Used to increment bad submission counter in DB. DB will handle point deductions once the counter hits 40
 	 * @param ApplicationRoot application running context
@@ -311,7 +151,7 @@ public static boolean openAllModules (String ApplicationRoot)
 		return result;
 	}
 	
-	final static String webModuleCategoryHardcodedWhereClause = new String(""
+	final public static String webModuleCategoryHardcodedWhereClause = new String(""
 			+ "moduleCategory = 'CSRF'"
 			+ " OR moduleCategory = 'Failure to Restrict URL Access'"
 			+ " OR moduleCategory = 'Injection'"
@@ -322,13 +162,14 @@ public static boolean openAllModules (String ApplicationRoot)
 			+ " OR moduleCategory = 'XSS'"
 			+ " OR moduleCategory = 'Poor Data Validation'"
 			+ " OR moduleCategory = 'Security Misconfigurations'");
-	final static String mobileModuleCategoryHardcodedWhereClause = new String(""
+	final public static String mobileModuleCategoryHardcodedWhereClause = new String(""
 			+ "moduleCategory = 'Mobile Data Leakage'"
 			+ " OR moduleCategory = 'Mobile Injection'"
 			+ " OR moduleCategory = 'Mobile Insecure Data Storage'"
 			+ " OR moduleCategory = 'Mobile Reverse Engineering'"
 			+ " OR moduleCategory = 'Mobile Broken Crypto'"
-			+ " OR moduleCategory = 'Mobile Mobile Poor Authentication'");
+			+ " OR moduleCategory = 'Mobile Content Providers'"
+			+ " OR moduleCategory = 'Mobile Poor Authentication'");
 	
 	/**
 	 * This is used to only open Mobile category levels
@@ -388,92 +229,6 @@ public static boolean openOnlyWebCategories (String ApplicationRoot)
 		return result;
 	}
 	
-	/**
-	 * Used to populate the vulnerable schemas table with an array of attributes. This method adds ONE row to a table
-	 * @param conn Connection to the vulnerable database server
-	 * @param schemaName The name of the schema in the vulnerable database server
-	 * @param theTable The name of the table to populate
-	 * @param data The data to use for population
-	 * @param attrib The list of attributes to be populated
-	 * @param attribAmount The amount of attributes been populated
-	 * @throws SQLException Thrown if there is a population error
-	 */
-	public static void populateVulnerableSchema(Connection conn, String schemaName, String theTable, String[] data, String[] attrib, int attribAmount)
-	throws SQLException
-	{
-		log.debug("In-putted Parameters;");
-		log.debug("conn: " + conn.toString());
-		log.debug("schemaName: " + schemaName);
-		log.debug("data: " + data.toString());
-		log.debug("attrib: " + attrib.toString());
-		log.debug("attribAmount: " + attribAmount);
-		
-		//Preparing population script
-		String sql = new String();
-		log.debug("Adding data to table");
-		// Creating: INSERT INTO schema.tb_table (
-		sql = "INSERT INTO " + schemaName + ".tb_" + theTable + " (";
-		// Creating: attrib1, attrib2, attrib3, attrib4, attrib5
-		for(int i = 0; i < attribAmount; i++)
-		{
-			sql += attrib[i];
-			if(i < attribAmount - 1)
-				sql += ", ";
-		}
-		// Creating: ) VALUES (val1, val2, val3, val4, val5);
-		sql += ") VALUES (";
-		for(int i = 0; i < attribAmount; i++)
-		{
-			sql += "?";
-			if(i < attribAmount - 1)
-				sql += ", ";
-		}
-		sql += ");";
-		
-		try
-		{
-			log.debug("Prepared Statement: " + sql);
-			PreparedStatement prepStat1;
-			if(conn.isClosed())
-			{
-				log.error("Connection is closed");
-			}
-			
-			log.debug("Adding Row");
-			prepStat1 = conn.prepareStatement(sql);
-			
-			//debug statements and prepare statements
-			log.debug("prepStat.setString(1, " + data[0] + ")");
-			prepStat1.setString(1, data[0]);
-			log.debug("prepStat.setString(2, " + data[1] + ")");
-			prepStat1.setString(2, data[1]);
-			log.debug("prepStat.setString(3, " + data[2] + ")");
-			prepStat1.setString(3, data[2]);
-			log.debug("prepStat.setString(4, " + data[3] + ")");
-			prepStat1.setString(4, data[3]);
-			log.debug("prepStat.setString(5, " + data[4] + ")");
-			prepStat1.setString(5, data[4]);
-			
-			log.debug("Executing Statement for row");
-			log.debug(prepStat1.toString());
-			prepStat1.execute();
-			log.debug("Tables Populated");
-			log.debug("Committing Changes");
-			prepStat1 = conn.prepareStatement("COMMIT;");
-			prepStat1.execute();
-		}
-		catch(SQLException e1)
-		{
-			log.error("Could not populate table: " + e1.toString());
-			throw e1;
-		}
-		catch(Exception e1)
-		{
-			log.error("Could not populate table, None Database Error: " + e1.toString());
-			throw new SQLException("Could not execute Population");
-		}
-	}
-	
 	/**
 	 * Resets user bad submission counter to 0
 	 * @param ApplicationRoot Application's running context
@@ -544,7 +299,7 @@ public static boolean setCoreDatabaseInfo(String applicationRoot, String url, St
 	/**
 	 * This method is used to store a CSRF Token for a specific user in the csrfChallengeSeven DB Schema. May not necessarily be a new CSRF token after running
 	 * @param userId User Identifier
-	 * @param csrfToken CSRF Token to add to the csrfChallengeSix DB Schema
+	 * @param csrfToken CSRF Token to add to the csrfChallengeFour DB Schema
 	 * @param ApplicationRoot Running context of the application
 	 * @return Returns current CSRF token for user for CSRF Ch4 
 	 */
@@ -676,7 +431,7 @@ public static boolean setExposedDatabaseInfo(String applicationRoot, String url,
 	 * @param ApplicationRoot Used to locate database properties file
 	 * @param moduleCategory The module category to open or closed
 	 * @param openOrClosed What to set the module status to. Can only be "open" or "closed"
-	 * @return
+	 * @return True if method executes without failure
 	 */
 	public static boolean setModuleCategoryStatusOpen (String ApplicationRoot, String moduleCategory, String openOrClosed)
 	{
@@ -858,36 +613,6 @@ public static boolean unSuspendUser(String ApplicationRoot, String userId)
 		return result;
 	}
 	
-	/**
-	 * Used to update a module's cheat sheet
-	 * @param applicationRoot The current running context of the application
-	 * @param moduleId The identifier of the module to update
-	 * @param newSolution The new cheat sheet content
-	 * @return A boolean value reflecting the success of the operation
-	 */
-	public static boolean updateCheatSheet(String applicationRoot, String moduleId, String newSolution) 
-	{
-		log.debug("*** Getter.updateCheatSheet ***");
-		boolean result = false;
-		Connection conn = Database.getCoreConnection(applicationRoot);
-		try
-		{
-			CallableStatement callstmt = conn.prepareCall("call cheatSheetCreate(?, ?)");
-			log.debug("Preparing cheatSheetCreate procedure");
-			callstmt.setString(1, moduleId);
-			callstmt.setString(2, newSolution);
-			callstmt.execute();
-			result = true;
-		}
-		catch (SQLException e)
-		{
-			log.error("Could not execute cheatSheetCreate: " + e.toString());
-		}
-		Database.closeConnection(conn);
-		log.debug("*** END updateCheatSheet ***");
-		return result;
-	}
-	
 	/**
 	 * Used to increment a users CSRF counter for CSRF levels.
 	 * @param ApplicationRoot The current running context of the application.
@@ -954,7 +679,7 @@ public static boolean updatePassword (String ApplicationRoot, String userName, S
 	/**
 	 * Updates a player's password without needing the current password
 	 * @param ApplicationRoot Running context of the applicaiton
-	 * @param userName The username of the user to update
+	 * @param userId The user id of the user to update
 	 * @param newPassword The new password to assign to the user
 	 * @return
 	 */
@@ -1077,9 +802,9 @@ public static String updatePlayerResult(String ApplicationRoot, String moduleId,
 			callstmnt.setInt(5, difficulty);
 			callstmnt.setString(6, extra);
 			log.debug("Executing userUpdateResult");
-			ResultSet resultSet = callstmnt.executeQuery();
-			resultSet.next();
-			result = resultSet.getString(1);
+			callstmnt.execute();
+			//User Executed. Now Get the Level Name Langauge Key
+			result = Getter.getModuleNameLocaleKey(ApplicationRoot, moduleId);
 		}
 		catch(SQLException e)
 		{
@@ -1220,6 +945,7 @@ public static boolean userCreate (String ApplicationRoot, String classId, String
 		catch(SQLException e)
 		{
 			log.fatal("userCreate Failure: " + e.toString());
+			throw new SQLException(e);
 		}
 		Database.closeConnection(conn);
 		log.debug("*** END userCreate ***");	
diff --git a/SecurityShepherdCore/src/i18n/challenges/directObject/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.properties b/SecurityShepherdCore/src/i18n/challenges/directObject/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.properties
new file mode 100644
index 000000000..ff8ecf4e7
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/directObject/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.properties
@@ -0,0 +1,19 @@
+challenge.challengeName = Insecure Direct Object References Challenge Two
+challenge.whatToDo = To complete this challenge you must sign in to a bank account that has more than 5000000 euro in it. If you have more than this amount in your account, just sign out and back in again of the bank account to get the key, or open this level again.
+
+insecureBank.title = InsecureDirectBank
+insecureBank.message = Hey new customers. We're up and coming in the banking sector and would like to give you a free account. Just create an account and sign in here:
+insecureBank.signInNow = Sign in Now!
+insecureBank.signInNow.message = Use this form to sign into your account now!
+
+loginForm.holder = Account Holder:
+loginForm.password = Account Password:
+loginForm.signIn = Sign Into Bank Account
+
+form.loading = Loading...
+
+register.makeAccount = Register An Account!
+register.makeAccount.message = Use this form to register an account now!
+register.createAccount = Create Bank Account
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/challenges/directObject/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.properties b/SecurityShepherdCore/src/i18n/challenges/directObject/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.properties
new file mode 100644
index 000000000..2bf692b82
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/directObject/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.properties
@@ -0,0 +1,4 @@
+challenge.challengeName = Insecure Direct Object References Challenge One
+challenge.whatToDo = The result key for this challenge is stored in the private message for a user that is not listed below...
+challenge.showProfile = Show this Profile
+challenge.loading = Loading...
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/challenges/directObject/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.properties b/SecurityShepherdCore/src/i18n/challenges/directObject/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.properties
new file mode 100644
index 000000000..9e3347fee
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/directObject/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.properties
@@ -0,0 +1,4 @@
+challenge.challengeName = Insecure Direct Object References Challenge Two
+challenge.whatToDo = The result key for this challenge is stored in the private message for a user that is not listed below...
+challenge.showProfile = Show this Profile
+challenge.loading = Loading...
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.properties b/SecurityShepherdCore/src/i18n/challenges/injection/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.properties
similarity index 100%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.properties
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties b/SecurityShepherdCore/src/i18n/challenges/injection/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties
similarity index 91%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties
index eb08e484b..863cf44f1 100644
--- a/SecurityShepherdCore/src/i18n/challenges/sqli/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties
+++ b/SecurityShepherdCore/src/i18n/challenges/injection/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.properties
@@ -3,7 +3,7 @@ challenge.description = To complete this challenge, you must exploit the SQL inj
 challenge.hint = Challenge Hint
 challenge.hint.description = This is the query you are attempting to inject code into!
 challenge.form.pleaseEnter = Please enter the 
-challenge.form.customerEmail = Customer Email
+challenge.form.customerName = Customer Name
 challenge.form.userLookUp =  of the user that you want to look up
 challenge.form.getUser = Get this user
 sign.hint = Would you like a hint?
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.properties b/SecurityShepherdCore/src/i18n/challenges/injection/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.properties
similarity index 100%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.properties
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.properties b/SecurityShepherdCore/src/i18n/challenges/injection/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.properties
similarity index 100%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.properties
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.properties b/SecurityShepherdCore/src/i18n/challenges/injection/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.properties
similarity index 100%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.properties
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.properties b/SecurityShepherdCore/src/i18n/challenges/injection/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.properties
similarity index 100%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.properties
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.properties b/SecurityShepherdCore/src/i18n/challenges/injection/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.properties
similarity index 100%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.properties
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.properties b/SecurityShepherdCore/src/i18n/challenges/injection/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.properties
similarity index 100%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.properties
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.properties b/SecurityShepherdCore/src/i18n/challenges/injection/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.properties
similarity index 100%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.properties
diff --git a/SecurityShepherdCore/src/i18n/challenges/sqli/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties b/SecurityShepherdCore/src/i18n/challenges/injection/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties
similarity index 82%
rename from SecurityShepherdCore/src/i18n/challenges/sqli/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties
rename to SecurityShepherdCore/src/i18n/challenges/injection/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties
index 35228e27e..69e63ce71 100644
--- a/SecurityShepherdCore/src/i18n/challenges/sqli/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties
+++ b/SecurityShepherdCore/src/i18n/challenges/injection/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.properties
@@ -2,7 +2,7 @@ challenge.challengeName = SQL Injection Challenge Two
 challenge.description = To complete this challenge, you must exploit the SQL injection flaw in the following form to find the result key.
 challenge.hint = Challenge Hint
 challenge.hint.description = This is the query you are attempting to inject code into... But your input is been validated by the server before being sent to the interpreter!
-challenge.form.pleaseEnter = Please enter the <a>Customer Name</a> of the user that you want to look up
+challenge.form.pleaseEnter = Please enter the <a>Customer Email</a> of the user that you want to look up
 challenge.form.button.value = Get user
 sign.loading = Loading
 sign.hint = Would you like a hint?
diff --git a/SecurityShepherdCore/src/i18n/challenges/insecureCryptoStorage/insecureCryptoStorage.properties b/SecurityShepherdCore/src/i18n/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
new file mode 100644
index 000000000..826b60c7e
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
@@ -0,0 +1,36 @@
+insecureCryptoStorage.1.challengename = Insecure Cryptographic Storage Challenge 1
+insecureCryptoStorage.2.challengename = Insecure Cryptographic Storage Challenge 2
+insecureCryptoStorage.3.challengename = Insecure Cryptographic Storage Challenge 3
+insecureCryptoStorage.4.challengename = Insecure Crypto Storage Challenge 4
+
+insecureCryptoStorage.1.whatToDo = The result key has been encrypted to ensure that nobody can finish the challenge without knowing the secret key to decrypt it. However, the result key has been encrypted with a famous, but easily broken, Roman cipher. The Plain text is in English.
+
+insecureCryptoStorage.2.whatToDo = The result key has been encrypted to ensure that nobody can finish the challenge without knowing the secret key to decrypt it. The following form can be used to check if you have the correct result key.
+insecureCryptoStorage.2.checkKey = Check Result Key
+insecureCryptoStorage.2.hint = 2D Encryption
+insecureCyrptoStorage.2.commentedCode.1 = Validate theKey:
+insecureCyrptoStorage.2.commentedCode.2 = Transform input:
+insecureCyrptoStorage.2.commentedCode.3 = Check result for validity
+insecureCyrptoStorage.2.commentedCode.4 = Output the "output" variable to the HTML for viewing
+
+insecureCyrptoStorage.3.whatToDo = The result key to this level is the same as the encryption key used in the following sub application. Break the cipher and recover the encryption key! The result key is in all capital letters and is in English.
+insecureCyrptoStorage.3.ciphertextToDecrypt = Cipher text to decrypt:
+insecureCyrptoStorage.3.ciphertextExample = Cipher text Example
+insecureCyrptoStorage.3.tryDecryptThis = Try to decrypt this:
+
+insecureCyrptoStorage.4.whatToDo = If you can buy trolls for free you'll receive the key for this level!
+insecureCyrptoStorage.4.shop = Super Meme Shopping
+insecureCyrptoStorage.4.shop.message.1 = Hey customers: Due to a shipping mistake we are completely over stocked in rage Memes. Use the coupon code
+insecureCyrptoStorage.4.shop.message.2 = or
+insecureCyrptoStorage.4.shop.message.3 = to get yours for free!!!
+insecureCyrptoStorage.4.shop.picture = Picture
+insecureCyrptoStorage.4.shop.cost = Cost
+insecureCyrptoStorage.4.shop.quantity = Quantity
+insecureCyrptoStorage.4.shop.howToShop = Please select how many things you would like to buy and click submit
+insecureCyrptoStorage.4.shop.couponCode = Coupon Code:
+insecureCyrptoStorage.4.shop.submit = Place Order
+
+insecureCyrptoStorage.loading = Loading...
+insecureCyrptoStorage.errorOccurred = An Error Occurred
+insecureCyrptoStorage.decrypt = Decrypt
+
diff --git a/SecurityShepherdCore/src/i18n/challenges/mobile/brokenCrypto/brokenCrypto.properties b/SecurityShepherdCore/src/i18n/challenges/mobile/brokenCrypto/brokenCrypto.properties
new file mode 100644
index 000000000..0187da821
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/mobile/brokenCrypto/brokenCrypto.properties
@@ -0,0 +1,10 @@
+challenge1.challengeName = Mobile Broken Crypto 1
+challenge1.para1 = This App uses a deprecated encryption algorithm (DES) and breaks a vital rule of key management. The key is in the conversation. Decrypt the chat to get the key.  			
+
+
+challenge2.challengeName = Mobile Broken Crypto 2
+challenge2.para1 = This App uses DES to encrypt it's chat however it's developers have implemented this poorly. The key is in the conversation. Decrypt the chat to get the key.  			
+
+
+challenge3.challengeName = Mobile Broken Crypto 3
+challenge3.para1 = The key for this challenge can be found in the client side database. Get the key to pass this challenge.  			
diff --git a/SecurityShepherdCore/src/i18n/challenges/mobile/clientSideInjection/clientSideInjection.properties b/SecurityShepherdCore/src/i18n/challenges/mobile/clientSideInjection/clientSideInjection.properties
new file mode 100644
index 000000000..ec9333ec6
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/mobile/clientSideInjection/clientSideInjection.properties
@@ -0,0 +1,8 @@
+challenge1.challengeName = Mobile Client Side Injection 1
+challenge1.para1 = The App for this challenge uses sloppy filters in an attempt to thwart attackers. These filters can be easily bypassed. Login to get the key. 
+
+
+//TODO
+
+challenge2.challengeName = Mobile Client Side Injection 2
+challenge2.para1 = This App has an upgraded form of filtering. Bypass the filtering, and perform SQL Injection to sign in as a legitimate user. 
diff --git a/SecurityShepherdCore/src/i18n/challenges/mobile/insecureData/insecureDataStrings.properties b/SecurityShepherdCore/src/i18n/challenges/mobile/insecureData/insecureDataStrings.properties
new file mode 100644
index 000000000..d6e8dd35f
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/mobile/insecureData/insecureDataStrings.properties
@@ -0,0 +1,9 @@
+challenge1.challengeName = Mobile Insecure Data Storage 1
+challenge1.para1 = 	The App for this challenge stores user credentials within a database, the data has not been stored in plain text but it also has not been encrypted. Make the credentials readable to get the key. The key is the Admin's password.
+
+challenge2.challengeName = Mobile Insecure Data Storage 2
+challenge2.para1 = 	The App for this challenge, <a>InsecureData2</a> uses a hashing algorithm on stored user credentials. However, there are two issues here, firstly the user is using a <a>bad password</a>. Secondly, the App does <a>not use a salt</a> when hashing the data. The result key to this challenge is the user's password.
+
+
+challenge3.challengeName = Mobile Insecure Data Storage 3
+challenge3.para1 = 	Not all Apps will use <a>sqlite</a> to store user data, in some cases <a>SharedPreferences</a> is used. The key to this level can be gained once you log in as a legitimate user. 
diff --git a/SecurityShepherdCore/src/i18n/challenges/mobile/poorAuthentication/poorAuthentication.properties b/SecurityShepherdCore/src/i18n/challenges/mobile/poorAuthentication/poorAuthentication.properties
new file mode 100644
index 000000000..df8582827
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/mobile/poorAuthentication/poorAuthentication.properties
@@ -0,0 +1,2 @@
+challenge1.challengeName = Poor Authentication 1
+challenge1.para1 = 	You must log into the App  <a>PoorAuthentication1.apk</a> to get the key. The Username and Password have been saved but this App uses a specially generated <a>Authentication Code</a>. 
diff --git a/SecurityShepherdCore/src/i18n/challenges/mobile/reverseEngineer/reverseEngineer.properties b/SecurityShepherdCore/src/i18n/challenges/mobile/reverseEngineer/reverseEngineer.properties
new file mode 100644
index 000000000..ed16354dd
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/mobile/reverseEngineer/reverseEngineer.properties
@@ -0,0 +1,8 @@
+challenge1.challengeName = Mobile Reverse Engineer 1
+challenge1.para1 = This key to this challenge is the App author's name. Find it to complete the challenge.
+
+challenge2.challengeName = Mobile Reverse Engineer 2
+challenge2.para1 = When an attacker reverse engineers an APK, they usually find multiple <a>packages</a> containing multiple <a>activities</a>, containing multiple <a>methods</a> which have all been obfuscated to crawl through. The key for this challenge has been hard coded into the APK for this challenge. To get to the key reverse engineer the APK and find the correct Activity which performs a conditional statement to check the validity of the key.
+
+challenge3.challengeName = Mobile Reverse Engineer 3
+challenge3.para1 = The developers of this App, <a>ReverseEngineer3</a>, have decided to use an algorithm to confirm or deny the authenticity of the key. You must Reverse Engineer ReverseEngineer3.APK to find this algorithm. If you are unsure whether or not the key is correct, there is a key validity checker in the App. 
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/challenges/mobile/unintendedDataLeakage/dataLeakage.properties b/SecurityShepherdCore/src/i18n/challenges/mobile/unintendedDataLeakage/dataLeakage.properties
new file mode 100644
index 000000000..7e3ca6982
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/mobile/unintendedDataLeakage/dataLeakage.properties
@@ -0,0 +1,5 @@
+challenge1.challengeName = Unintended Data Leakage 1
+challenge1.para1 = Log in as the user of this App to get the key for this challenge. <a>Some data</a> has been logged but it is up to the attacker to know what to do with this data.
+
+challenge2.challengeName = Unintended Data Leakage 2
+challenge2.para1 = This App is leaking logs. The Key is the winning lotto number!
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/challenges/poorValidation/poorValidationStrings.properties b/SecurityShepherdCore/src/i18n/challenges/poorValidation/poorValidationStrings.properties
new file mode 100644
index 000000000..039cf51d6
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/poorValidation/poorValidationStrings.properties
@@ -0,0 +1,14 @@
+poorValidation.1.challengeName = Poor Validation One
+poorValidation.2.challengeName = Poor Validation Two
+
+poorValidation.whatToDo = If you can buy trolls for free you'll receive the key for this level!
+poorValidation.shopping = Super Meme Shopping
+poorValidation.shopping.whatToDo = Use this shop to buy whatever old memes you like!
+poorValidation.howToShop = Please select how many items you would like to buy and click submit
+poorValidation.picture = Picture
+poorValidation.cost = Cost
+poorValidation.quantity = Quantity
+poorValidation.placeOrder = Place Order
+poorValidation.loading = Loading...
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/challenges/securityMisconfig/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.properties b/SecurityShepherdCore/src/i18n/challenges/securityMisconfig/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.properties
new file mode 100644
index 000000000..9e43ecbb1
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/challenges/securityMisconfig/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.properties
@@ -0,0 +1,10 @@
+securityMisconfig.stealTokens.challengeName = Security Misconfiguration Cookie Flag Challenge
+securityMisconfig.stealTokens.description = To complete this challenge, you must steal the <a>securityMisconfigLesson</a> cookie of another user. The administrators of the sub application have misconfigured the mechanism which enforces cookie security flags. The cookie set in this lesson has not been given the "secure" flag. This means that in any HTTP requests to the lesson will include this cookie. Even though the application (If Shepherd has been correctly configured) redirects to a HTTPs service upon access, the will have been sent across the network in plain text. When players open this lesson, they automatically send a HTTP request thanks to the following &lt;IMG&gt; element. Image elements do not follow the mixed content policy and will send HTTP requests even when loaded inside a HTTPs context. This will not work with an iFrame.
+securityMisconfig.stealTokens.whyThisImageIsHere = This Image has sent your securityMisconfigLesson across the network in plain text
+securityMisconfig.stealTokens.haveSomebodyOnYourNetwork = If there are no users on your local network, this lesson is <B>very difficult</B> to complete. Please ask your Shepherd Administrator to disable it.
+securityMisconfig.stealTokens.stealTokenThenDoThis = Once you have stolen another user's <a>securityMisconfigLesson</a> token, click the following button and sub in the other user's token where your own exists.
+
+form.securityMisconfig.stealTokens.submit = Get Result Key
+form.challenge.loading = Loading...
+
+error.occurred = An Error Occurred
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/cheatsheets/solutions.properties b/SecurityShepherdCore/src/i18n/cheatsheets/solutions.properties
index 6fd40d1b7..d43d33311 100644
--- a/SecurityShepherdCore/src/i18n/cheatsheets/solutions.properties
+++ b/SecurityShepherdCore/src/i18n/cheatsheets/solutions.properties
@@ -53,7 +53,7 @@ cfbf7b915ee56508ad46ab79878f37fd9afe0d27.solution = To complete this challenge a
 9294ba32bdbd680e3260a0315cd98bf6ce8b69bd.solution = The first step in completing this challenge is to get an admin user's email address. Try to sign in as 'root' or 'superuser' to get one. To complete this challenge a user must use SQL Injection in the email Parameter in the GET request to the SecretQuestion servlet. The following email submission will achieve the response of the users secret answer (This example is URL Encoded)<br><br/>&quot;UNION+SELECT+secretAnswer+FROM+users+WHERE+userName=&quot;<b>root</b><br><br>You can then use this answer along with a user email address to complete the level.
 7153290d128cfdef5f40742dbaeb129a36ac2340.solution = To complete this challenge a user must send the server a request with the 'challengeRole' value set to 'nmHqLjQknlHs'. The challengeRole cookie is encoded with ATOM-128. The value 'nmHqLjQknlHs' when decoded is 'superuser'.
 145111e80400e4fd48bd3aa5aca382e9c5640793.solution = To complete this challenge a user must deobfusticate the javascript found in /couponCheck.js and extract the relevent cryptoinformation to manually decrypt a javascript array of encrypted coupons, or to manipulate the javascript so that it returns the decrypted coupons. The Coupon code for free trolls is <b>e!c!3etZoumo@Stu4rU176</b>
-adc845f9624716eefabcc90d172bab4096fa2ac4.solution = To complete this challenge, a SQL Injection Flaw must be exploited to learn the name of the super admin. The injection is performed through the BASE64 encoded cookie named 'currentPerson'. a simple &quot;or&quot;1&quot;!=&quot;0 vector will work. take the super admin's name and submit it encoded for BASE64 as the currentPerson cookie value in the request that is submitted when the Admin button is clicked. This will return the result key for the challenge.
+adc845f9624716eefabcc90d172bab4096fa2ac4.solution = To complete this challenge, a SQL Injection Flaw must be exploited to learn the name of the super admin in a request described in the module's javascript. This function is not used by the presented HTML. You must manually craft this request and include an injection attack through the BASE64 encoded cookie named 'currentPerson'. a simple &quot;or&quot;1&quot;!=&quot;0 vector will work. Take the super admin's name and submit it encoded for BASE64 as the currentPerson cookie value in the request that is submitted when the Admin button is clicked. This will return the result key for the challenge.
 64070f5aec0593962a29a141110b9239d73cd7b3.solution = To complete this challenge, a SQL injection flaw must be exploited. The vulnerable paramater is 'subUserEmail'. It must be mostly well formed as an email address to get past the validation process. The following vector, which is URL encoded, will sign the user in as user 1. <br><br><b>'or'1'='1'union%0aselect%0auserName%0afrom%0ausers%0awhere''!='%40v</b>
 1e3c02ad49fa9a9e396a3b268d7da8f0b647d8f9.solution = To complete this challenge, connect the android debug bridge to the VM and run  adb logcat –d \<file location\> to dump logs to a text file. Trigger the key log by pressing the lotto button
 f40b0cd5d45327c9426675313f581cf70c7c7c28.solution = To complete this challenge, start the app, go to the command line of the VM using ALT F1 and then navigate to /sdcard/, pictorial logs are places there. Connect adb to the device and run the adb pull command on the logs. 
diff --git a/SecurityShepherdCore/src/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.properties b/SecurityShepherdCore/src/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.properties
index a9640d4b8..db9113e87 100644
--- a/SecurityShepherdCore/src/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.properties
+++ b/SecurityShepherdCore/src/i18n/lessons/m_content_provider_leakage/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.properties
@@ -2,6 +2,7 @@ title.question.content_provider_leak = What is Content Provider Leakage?
 
 paragraph.info.1 = A <a>Content Provider</a> is used by Android to provide access to a structured set of data within a central repository. Content Providers are intended to be accessed by other applications, however with the <a>Android Debug Bridge</a>, they can be accessed by anyone with access to a device.
 paragraph.info.2 = In order to query a Content Provider without an App, perform the following adb commands
+paragraph.info.3 = Without knowing the URI, an attacker can do a few things to figure it out. 
 
 challenge.description = The Key can be attained by querying the Content Provider. The URI is : <a>content://com.somewhere.hidden.SecretProvider/data</a>
 
diff --git a/SecurityShepherdCore/src/i18n/moduleGenerics/mobileGenericStrings.properties b/SecurityShepherdCore/src/i18n/moduleGenerics/mobileGenericStrings.properties
new file mode 100644
index 000000000..cf929bc08
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/moduleGenerics/mobileGenericStrings.properties
@@ -0,0 +1,2 @@
+mobileBlurb.vmLink.1 = To complete this challenge you'll need to use the
+mobileBlurb.vmLink.2 = app found in the <a href='http://bit.ly/mobileShepherdVm' target='_blank'>Security Shepherd Android Virtual Machine</a>.
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/servlets/challenges/directObject/directObjectBank.properties b/SecurityShepherdCore/src/i18n/servlets/challenges/directObject/directObjectBank.properties
new file mode 100644
index 000000000..a485435f8
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/servlets/challenges/directObject/directObjectBank.properties
@@ -0,0 +1,31 @@
+login.authFailedMessage.1 = ERROR: User
+login.authFailedMessage.2 = could not be logged in
+login.error.couldNotGetBalance = Could not get Balance!
+
+bankForm.yourAccount = Your Account
+bankForm.yourAccount.balance = Your account balance is currently:
+bankForm.transferFunds = Transfer Funds
+bankForm.transferFunds.whatToDo = Use this form to send money to other accounts in this bank. All you need to do is enter their account number and the amount you want to send!
+bankForm.recieverNumber = Receiver Account Number:
+bankForm.amountToSend = Amount to Send:
+bankForm.loading = Loading...
+bankForm.refreshBalance = Refresh Balance
+bankForm.refreshBalance.whatToDo = Use this form to refresh your balance above. That way you can see if any money came in recently!
+bankForm.logoutOfAccount = Logout of Account
+bankForm.logoutOfAccount.whatToDo = Use this form to sign out of your bank account when your done giving your money away.
+bankForm.logoutFromBankAccount = Log Out Of Bank Account
+
+result.complete = Challenge Complete
+result.wellDone = Congratulations, you have successfully completed this challenge. Use the following result key at the top of the page to mark this level as complete in the system.
+result.theKeyIs = The result key for this challenge is
+
+logout.loggedOut = Logged Out
+
+register.accountCreated = User account has been registered! Please Sign in!
+register.error = Could not create account!
+
+transfer.error.couldNotTransfer = Could not get Transfer Funds!
+transfer.error.notEnoughCash = Your account does not have the necessary funds to transfer that amount.
+transfer.error.moreThanZero = The amount being transfered must be greater than zero.
+transfer.error.occurred = An Error Occured:
+transfer.success = Funds have been transfered sucessfully!
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/servlets/challenges/directObject/directObjectRef1.properties b/SecurityShepherdCore/src/i18n/servlets/challenges/directObject/directObjectRef1.properties
new file mode 100644
index 000000000..ef746d2a9
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/servlets/challenges/directObject/directObjectRef1.properties
@@ -0,0 +1,4 @@
+response.message = Message
+response.notFound = User: 404 - User Not Found
+response.notFoundMessage.1 = User
+response.notFoundMessage.2 = could not be found or does not exist.
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/servlets/challenges/directObject/directObjectRef2.properties b/SecurityShepherdCore/src/i18n/servlets/challenges/directObject/directObjectRef2.properties
new file mode 100644
index 000000000..ef746d2a9
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/servlets/challenges/directObject/directObjectRef2.properties
@@ -0,0 +1,4 @@
+response.message = Message
+response.notFound = User: 404 - User Not Found
+response.notFoundMessage.1 = User
+response.notFoundMessage.2 = could not be found or does not exist.
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/servlets/challenges/insecureCryptoStorage/insecureCryptoStorage.properties b/SecurityShepherdCore/src/i18n/servlets/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
new file mode 100644
index 000000000..3d7895c5d
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/servlets/challenges/insecureCryptoStorage/insecureCryptoStorage.properties
@@ -0,0 +1,8 @@
+insecureCyrptoStorage.3.plaintextResult = Plain text Result:
+insecureCyrptoStorage.3.plaintextResult.message = Your cipher text was decrypted to the following:
+
+insecureCyrptoStorage.4.orderComplete = Order Complete
+insecureCyrptoStorage.4.orderShipped = Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.
+insecureCyrptoStorage.4.totalCost = Your order comes to a total of
+insecureCyrptoStorage.4.freeTrolls = Trolls were free, Well Done
+insecureCyrptoStorage.4.orderFailed = Order Failed - Please try again later
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/servlets/challenges/poorValidation/poorValidationStrings.properties b/SecurityShepherdCore/src/i18n/servlets/challenges/poorValidation/poorValidationStrings.properties
new file mode 100644
index 000000000..b52bdd206
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/servlets/challenges/poorValidation/poorValidationStrings.properties
@@ -0,0 +1,5 @@
+poorValidation.orderComplete = Order Complete
+poorValidation.orderComplete.message = Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.
+poorValidation.orderTotal = Your order comes to a total of
+poorValidation.freeTrolls = Trolls were free, Well Done
+poorValidation.badOrder = Order Failed - Please try again later
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/servlets/challenges/securityMisconfig/stealTokens.properties b/SecurityShepherdCore/src/i18n/servlets/challenges/securityMisconfig/stealTokens.properties
new file mode 100644
index 000000000..742799d70
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/servlets/challenges/securityMisconfig/stealTokens.properties
@@ -0,0 +1,5 @@
+securityMisconfig.servlet.stealTokens.notComplete = Challenge NOT Complete
+securityMisconfig.servlet.stealTokens.notComplete.message = You cannot complete this securityMisconfig.servlet.stealTokens with your cookie value. You must get the cookie from another user.
+securityMisconfig.servlet.stealTokens.notComplete.yourToken = You muse submit a valid token of another user to complete this securityMisconfig.servlet.stealTokens.
+securityMisconfig.servlet.stealTokens.complete = Challenge Complete
+securityMisconfig.servlet.stealTokens.youDidIt = Congratulations! Your result key is as follows
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/servlets/challenges/sqli/sqli6.properties b/SecurityShepherdCore/src/i18n/servlets/challenges/sqli/sqli6.properties
index b57103fd3..02b33d747 100644
--- a/SecurityShepherdCore/src/i18n/servlets/challenges/sqli/sqli6.properties
+++ b/SecurityShepherdCore/src/i18n/servlets/challenges/sqli/sqli6.properties
@@ -1,5 +1,5 @@
 response.welcomeBack = Welcome back 
 response.authNumber = Your authentication number is now 
-response.incorrectCreds = Incorrect Password / User name
+response.incorrectCreds = Incorrect Pin Number
 response.carefulNow = Careful now!
 response.badRequest = Bad Request? Please be careful!
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/text.properties b/SecurityShepherdCore/src/i18n/text.properties
index 72fad5cdb..33994bb70 100644
--- a/SecurityShepherdCore/src/i18n/text.properties
+++ b/SecurityShepherdCore/src/i18n/text.properties
@@ -1,106 +1,105 @@
-generic.text.aboutSecShep = About Security Shepherd
-generic.text.admin = Admin
-generic.text.cheat = Cheat
-generic.text.challenges = Challenges
-generic.text.commentMessage.1 = You are currently looking at the core server. 
-generic.text.commentMessage.2 = Nothing related to the levels in Security Shepherd will be found in here. 
-generic.text.commentMessage.3 = You might be looking for the iframe embedded in the page. 
-generic.text.commentMessage.4 = Try a tool like Firebug to make this stuff easier.
-generic.text.configuration = Configuration
-generic.text.configureShepherd = Configure Shepherd
-generic.text.confirmPasswd = Confirm Password
-generic.text.confirmEmailAddr = Confirm Email
-generic.text.emailAddr = Email Address
-generic.text.lessons = Lessons
-generic.text.login = Login
-generic.text.logout = Logout
-generic.text.loading = Loading...
-generic.text.ssRegister = OWASP Security Shepherd - Register
-generic.text.password = Password
-generic.text.pleaseWait = Please Wait!
-generic.text.register = Register
-generic.text.scoreboard = Scoreboard
-generic.text.searchModules = Search Modules
-generic.text.shepherdVersion = Security Shepherd Version: 2.4
-generic.text.sorryError = Sorry but there was an error
-generic.text.submitResult = Submit Result Key Here
-generic.text.submit = Submit
-generic.text.username = Username
-generic.text.welcome = Welcome
-
-getter.button.completed = Completed
-getter.button.nextChallenge = Get Next Challenge
-getter.button.finished = You've Finished!
-getter.button.noModulesFound = No Modules Found
-getter.tournamentRank.1 = Field Training
-getter.tournamentRank.2 = Private
-getter.tournamentRank.3 = Corporal
-getter.tournamentRank.4 = Sergeant
-getter.tournamentRank.5 = Lieutenant
-getter.tournamentRank.6 = Major
-getter.tournamentRank.7 = Admiral
-
-getStarted.text.lets_start = Let's Get Started
-getStarted.button.openLevels.all = Open All Levels
-getStarted.button.openLevels.web = Open Web App Levels Only
-getStarted.button.openLevels.mobile = Open Mobile Levels Only
-getStarted.button.closeLevels = Close All Levels
-blockedMessage.text.heading.levelBlocked = Level Currently Blocked
-index.link.admin.cheatSheet.manage = Cheat Sheet Management
-index.link.admin.cheatSheet.manage.create = Create New Cheat Sheet
-index.link.admin.cheatSheet.manage.disable = Disable Cheat Sheets
-index.link.admin.cheatSheet.manage.enable = Enable Cheat Sheets
-index.link.admin.config.change = Change Module Layout
-index.link.admin.config.feedback = Feedback Configuration
-index.link.admin.config.openClose = Open/Close Registration
-index.link.admin.config.scoreboard = Scoreboard Configuration
-index.link.admin.config.coreDb = Set Core Database
-index.link.admin.moduleManage = Module Management
-index.link.admin.moduleManage.block = Module Block Setup
-index.link.admin.moduleManage.openClose = Open and Close Modules
-index.link.admin.moduleManage.openCloseCategory = Open or Close by Category
-index.link.admin.moduleManage.feedback = View Feedback
-index.link.admin.moduleManage.progress = View Progress
-index.link.admin.userMange = User Management
-index.link.admin.userMange.addPlayer = Add Players
-index.link.admin.userMange.addPoints = Add / Deduct Player Points
-index.link.admin.userMange.assignPlayer = Assign Players to Class
-index.link.admin.userMange.createClass = Create Class
-index.link.admin.userMange.createAdmin = Create New Admin
-index.link.admin.userMange.resetPass = Reset Password
-index.link.admin.userMange.setDefaultPlayerClass = Set Default Player Class
-index.link.admin.userMange.suspendPlayer = Suspend Player
-index.link.admin.userMange.unsuspendPlayer = Undo Suspend Player
-index.link.admin.userMange.upgradeToAdmin = Upgrade Player to Admin
-login.text.sponsers = Project Sponsors
-readyToPlay.title.readyToPlay = Security Shepherd - Ready to Go?
-readyToPlay.header.notReady = You are not ready!
-readyToPlay.title.enteredGame = You have entered the game!
-login.text.proxy_question = Do you need a Proxy?
-login.text.download_proxy = Download a HTTP Proxy here
-
-
-login.link.zap_win = ZAP for Windows
-login.link.zap_lin = ZAP for Linux
-login.link.zap_mac = ZAP for Mac
-
-
-blockedMessage.text.info.levelBlocked = Your doing very well! An administrator has currently marked this level as closed. To find out when this level will be available, your going to have to ask the person who is in charge on the application!
-getStarted.text.moduleInfo.openFloor = Now that you've signed in, lets get started with some Security Shepherd modules! To start a module, click on the list headers, <span><a>Lessons</a></span> or <span><a>Modules</a></span>, in the side menu to see what modules are currently available!
-getStarted.text.moduleInfo.incrementalFloor = Now that you've signed in, lets get started with some Security Shepherd challenges! To start one, click the &quot;Get Next Challenge&quot; button on the left!
-getStarted.text.moduleInfo = Now that you've signed in, lets get started with some Security Shepherd modules! To start a module, click on the list headers, such as <span><a>Field Training</a></span> or <span><a>Corporal</a></span>, in the side menu to see what modules are currently available! The lower down in the side menu that the module is listed, the more points it is worth! 
-getStarted.text.configureShepherd.asAnAdmin = As you are an Administrator you can define the scope of Security Shepherd. You can quickly change the game layout to Web or Mobile Application focused with the following buttons, or you can open the Admin Module Management menu, at the top left of the page, to open or close specific topics.
-getStarted.text.checkShepConfigMsg = If you cannot see the message below this paragraph, please ensure that the Security Shepherd instance is correctly configured.
-getStarted.text.info.changePassword = Your password is a temporary password. This means that somebody else knows it! Lets keep things secure and change your password now!
-login.text.info = Use your <a><span>Security Shepherd Credentials<span></a> to Login.
-login.text.regInfo = Register a <a href="register.jsp"><span>Security Shepherd Account</span></a> here!
-login.text.about_blurb = The OWASP Security Shepherd project has been designed and implemented with the aim of fostering and improving application security awareness among a varied skill-set demographic.This project enables users to learn or to improve upon existing manual penetration testing skills. This is accomplished through lesson and challenge techniques. A lesson provides a user with a lot of help in completing that module, where a challenge puts what the user learned in the lesson to use. </p><p>The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. Many of these levels include insufficient mitigations and protections to these risks, such as blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
-login.text.sponsers_blurb = The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
-login.text.thanks = The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu
-readyToPlay.text.info.notReady = Refresh the home page! If this error persists; Log out and back in! If this error continues to persist, please contact an Administrator!
-readyToPlay.text.info.enteredGame = Now that you can see this, you're good to go! Get cracking on lessons and challenges! <br/><br/> Remember, the levels you are playing are sub applications. Keep the game play in these applications!  Stay away from your session ID's! You'll just log yourself out of you change them!<br/><br/> If you havn't already configured a web proxy, you better! It makes things much easier!
-
-
-
-
-
+generic.text.aboutSecShep = About Security Shepherd
+generic.text.admin = Admin
+generic.text.cheat = Cheat
+generic.text.challenges = Challenges
+generic.text.commentMessage.1 = You are currently looking at the core server. 
+generic.text.commentMessage.2 = Nothing related to the levels in Security Shepherd will be found in here. 
+generic.text.commentMessage.3 = You might be looking for the iframe embedded in the page. 
+generic.text.commentMessage.4 = Try a tool like Firebug to make this stuff easier.
+generic.text.configuration = Configuration
+generic.text.configureShepherd = Configure Shepherd
+generic.text.confirmPasswd = Confirm Password
+generic.text.confirmEmailAddr = Confirm Email
+generic.text.emailAddr = Email Address
+generic.text.lessons = Lessons
+generic.text.login = Login
+generic.text.logout = Logout
+generic.text.loading = Loading...
+generic.text.ssRegister = OWASP Security Shepherd - Register
+generic.text.password = Password
+generic.text.pleaseWait = Please Wait!
+generic.text.register = Register
+generic.text.scoreboard = Scoreboard
+generic.text.searchModules = Search Modules
+generic.text.shepherdVersion = Security Shepherd Version: 3.0
+generic.text.sorryError = Sorry but there was an error
+generic.text.submitResult = Submit Result Key Here
+generic.text.submit = Submit
+generic.text.username = Username
+generic.text.welcome = Welcome
+
+getter.button.completed = Completed
+getter.button.nextChallenge = Get Next Challenge
+getter.button.finished = You've Finished!
+getter.button.noModulesFound = No Modules Found
+getter.tournamentRank.1 = Field Training
+getter.tournamentRank.2 = Private
+getter.tournamentRank.3 = Corporal
+getter.tournamentRank.4 = Sergeant
+getter.tournamentRank.5 = Lieutenant
+getter.tournamentRank.6 = Major
+getter.tournamentRank.7 = Admiral
+
+getStarted.text.lets_start = Let's Get Started
+getStarted.button.openLevels.all = Open All Levels
+getStarted.button.openLevels.web = Open Web App Levels Only
+getStarted.button.openLevels.mobile = Open Mobile Levels Only
+getStarted.button.closeLevels = Close All Levels
+blockedMessage.text.heading.levelBlocked = Level Currently Blocked
+index.link.admin.cheatSheet.manage = Cheat Sheet Management
+index.link.admin.cheatSheet.manage.create = Create New Cheat Sheet
+index.link.admin.cheatSheet.manage.disable = Disable Cheat Sheets
+index.link.admin.cheatSheet.manage.enable = Enable Cheat Sheets
+index.link.admin.config.change = Change Module Layout
+index.link.admin.config.feedback = Feedback Configuration
+index.link.admin.config.openClose = Open/Close Registration
+index.link.admin.config.scoreboard = Scoreboard Configuration
+index.link.admin.config.coreDb = Set Core Database
+index.link.admin.moduleManage = Module Management
+index.link.admin.moduleManage.block = Module Block Setup
+index.link.admin.moduleManage.openClose = Open and Close Modules
+index.link.admin.moduleManage.openCloseCategory = Open or Close by Category
+index.link.admin.moduleManage.feedback = View Feedback
+index.link.admin.moduleManage.progress = View Progress
+index.link.admin.userMange = User Management
+index.link.admin.userMange.addPlayer = Add Players
+index.link.admin.userMange.addPoints = Add / Deduct Player Points
+index.link.admin.userMange.assignPlayer = Assign Players to Class
+index.link.admin.userMange.createClass = Create Class
+index.link.admin.userMange.createAdmin = Create New Admin
+index.link.admin.userMange.resetPass = Reset Password
+index.link.admin.userMange.setDefaultPlayerClass = Set Default Player Class
+index.link.admin.userMange.suspendPlayer = Suspend Player
+index.link.admin.userMange.unsuspendPlayer = Undo Suspend Player
+index.link.admin.userMange.upgradeToAdmin = Upgrade Player to Admin
+login.text.sponsers = Project Sponsors
+readyToPlay.title.readyToPlay = Security Shepherd - Ready to Go?
+readyToPlay.header.notReady = You're not ready!
+readyToPlay.title.enteredGame = You have entered the game!
+login.text.proxy_question = Do you need a Proxy?
+login.text.download_proxy = Download a HTTP Proxy here
+
+
+login.link.zap_win = ZAP for Windows
+login.link.zap_lin = ZAP for Linux
+login.link.zap_mac = ZAP for Mac
+
+
+blockedMessage.text.info.levelBlocked = Your doing very well! An administrator has currently marked this level as closed. To find out when this level will be available, your going to have to ask the person who is in charge on the application!
+getStarted.text.moduleInfo.openFloor = Now that you have signed in, lets get started with some Security Shepherd modules! To start a module, click on the list headers, <span><a>Lessons</a></span> or <span><a>Modules</a></span>, in the side menu to see what modules are currently available!
+getStarted.text.moduleInfo.incrementalFloor = Now that you have signed in, lets get started with some Security Shepherd challenges! To start one, click the &quot;Get Next Challenge&quot; button on the left!
+getStarted.text.moduleInfo = Now that you have signed in, lets get started with some Security Shepherd modules! To start a module, click on the list headers, such as <span><a>Field Training</a></span> or <span><a>Corporal</a></span>, in the side menu to see what modules are currently available! The lower down in the side menu that the module is listed, the more points it is worth! 
+getStarted.text.configureShepherd.asAnAdmin = As you are an Administrator you can define the scope of Security Shepherd. You can quickly change the game layout to Web or Mobile Application focused with the following buttons, or you can open the Admin Module Management menu, at the top left of the page, to open or close specific topics.
+getStarted.text.checkShepConfigMsg = If you cannot see the message below this paragraph, please ensure that the Security Shepherd instance is correctly configured.
+getStarted.text.info.changePassword = Your password is a temporary password. This means that somebody else knows it! Lets keep things secure and change your password now!
+login.text.info = Use your <a><span>Security Shepherd Credentials<span></a> to Login.
+login.text.regInfo = Register a <a href="register.jsp"><span>Security Shepherd Account</span></a> here!
+login.text.about_blurb = The OWASP Security Shepherd project has been designed and implemented with the aim of fostering and improving application security awareness among a varied skill-set demographic.This project enables users to learn or to improve upon existing manual penetration testing skills. This is accomplished through lesson and challenge techniques. A lesson provides a user with a lot of help in completing that module, where a challenge puts what the user learned in the lesson to use. </p><p>The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security vulnerabilities can be explored and their impact on a system understood. Many of these levels include insufficient mitigations and protections to these risks, such as blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration. The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
+login.text.sponsers_blurb = The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
+login.text.thanks = The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu
+readyToPlay.text.info.notReady = Refresh the home page! If this error persists; Log out and back in! If this error continues to persist, please contact an Administrator!
+readyToPlay.text.info.enteredGame = Now that you can see this, you're good to go! Get cracking on lessons and challenges! <br/><br/> Remember, the levels you are playing are sub applications. Keep the game play in these applications!  Stay away from your session ID's! You'll just log yourself out of you change them!<br/><br/> If you havn't already configured a web proxy, you better! It makes things much easier!
+
+sponsorship.title = Project Sponsors
+sponsorship.message.1 = The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
+sponsorship.message.2 = The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu!
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/i18n/text_es.properties b/SecurityShepherdCore/src/i18n/text_es.properties
index 6c41857e1..3d1aad04b 100644
--- a/SecurityShepherdCore/src/i18n/text_es.properties
+++ b/SecurityShepherdCore/src/i18n/text_es.properties
@@ -1,11 +1,11 @@
 generic.text.aboutSecShep = Sobre Security Shepherd
 generic.text.admin = Administración
-generic.text.cheat = Engañar
+generic.text.cheat = Hacer trampas
 generic.text.challenges = Desafíos
-generic.text.commentMessage.1 = You are currently looking at the core server. (Translation Required)
-generic.text.commentMessage.2 = Nothing related to the levels in Security Shepherd will be found in here. (Translation Required)
-generic.text.commentMessage.3 = You might be looking for the iframe embedded in the page. (Translation Required)
-generic.text.commentMessage.4 = Try a tool like Firebug to make this stuff easier.(Translation Required)
+generic.text.commentMessage.1 = Estás mirando en el servidor central.
+generic.text.commentMessage.2 = Aquí no hay nada relacionado con los niveles de Security Sheperd.
+generic.text.commentMessage.3 = Puede que estés buscando el iframe incorporado (embedded iframe) en la página.
+generic.text.commentMessage.4 = Prueba una herramienta como Firebug para hacer esto más fácil.
 generic.text.configuration = Configuración
 generic.text.configureShepherd = Configure Shepherd
 generic.text.confirmPasswd = Confirmar Contraseña
@@ -14,16 +14,16 @@ generic.text.emailAddr = Direcci
 generic.text.lessons = Lecciones
 generic.text.login = Acceder
 generic.text.logout = Cerrar Sesión
-generic.text.loading = Cargando...
+generic.text.loading = Cargando...Engañar
 generic.text.ssRegister = OWASP Security Shepherd - Registro
 generic.text.password = Contraseña
 generic.text.pleaseWait = Por favor, espera!
 generic.text.register = Registro
 generic.text.scoreboard = Marcador
-generic.text.searchModules = Search Modules (Translation Required)
-generic.text.shepherdVersion = Security Shepherd Version: 2.4 (Translation Required)
-generic.text.sorryError = Sorry but there was an error (Translation Required)
-generic.text.submitResult = Submit Result Key Here (Translation Required)
+generic.text.searchModules = Buscar módulos
+generic.text.shepherdVersion = Security Shepherd Version: 3.0
+generic.text.sorryError = Sorry but there was an error
+generic.text.submitResult = Submit Result Key Here
 generic.text.username = Nombre de usario
 generic.text.welcome = Bienvenida
 
diff --git a/SecurityShepherdCore/src/i18n/text_ga.properties b/SecurityShepherdCore/src/i18n/text_ga.properties
index 5dea63f6e..ecd6ba01f 100644
--- a/SecurityShepherdCore/src/i18n/text_ga.properties
+++ b/SecurityShepherdCore/src/i18n/text_ga.properties
@@ -21,9 +21,9 @@ generic.text.pleaseWait = D
 generic.text.register = Cláraigh
 generic.text.scoreboard = Scórchlár
 generic.text.searchModules = Search Modules (Translation Required)
-generic.text.shepherdVersion = Security Shepherd Version: 2.4 (Translation Required)
-generic.text.sorryError = Sorry but there was an error (Translation Required)
-generic.text.submitResult = Submit Result Key Here (Translation Required)
+generic.text.shepherdVersion = Security Shepherd Version: 3.0
+generic.text.sorryError = Sorry but there was an error
+generic.text.submitResult = Submit Result Key Here
 generic.text.submit = Cúir Isteach
 generic.text.username = Ainm Úsáideora
 generic.text.welcome = Fáilte
diff --git a/SecurityShepherdCore/src/i18n/text_hi.properties b/SecurityShepherdCore/src/i18n/text_hi.properties
new file mode 100644
index 000000000..99ceeb414
--- /dev/null
+++ b/SecurityShepherdCore/src/i18n/text_hi.properties
@@ -0,0 +1,107 @@
+generic.text.aboutSecShep = About Security Shepherd
+generic.text.admin = Admin
+generic.text.cheat = Cheat
+generic.text.challenges = Chunauti
+generic.text.commentMessage.1 = Aap currently core server per dekh rahe ho. 
+generic.text.commentMessage.2 = Yaha pe tumhare liye Security Shepherd  par koi level related mahiti nahi he!. 
+generic.text.commentMessage.3 = Tum Shayad is page par embedded iframe khoj rahe ho. 
+generic.text.commentMessage.4 = Is tool ko firebug ki tarah use kro aur simple banao.
+generic.text.configuration = Configuration
+generic.text.configureShepherd = Configure Shepherd
+generic.text.confirmPasswd = Confirm Password
+generic.text.confirmEmailAddr = Confirm Email
+generic.text.emailAddr = Email Address
+generic.text.lessons = Lessons
+generic.text.login = Login
+generic.text.logout = Logout
+generic.text.loading = Loading...
+generic.text.ssRegister = OWASP Security Shepherd - Register
+generic.text.password = Password
+generic.text.pleaseWait = Please Wait!
+generic.text.register = Register
+generic.text.scoreboard = Scoreboard
+generic.text.searchModules = Search Modules
+generic.text.shepherdVersion = Security Shepherd Version: 2.4
+generic.text.sorryError = Sorry yahape error payi gayi he
+generic.text.submitResult =  Result Key yaha pe submit karo
+generic.text.submit = Submit
+generic.text.username = Username
+generic.text.welcome = Welcome
+
+getter.button.completed = Completed
+getter.button.nextChallenge = Get Next Challenge
+getter.button.finished = Tumhne pura kiya!
+getter.button.noModulesFound = Koi Modules Mil nahi rahe
+getter.tournamentRank.1 = Field Training
+getter.tournamentRank.2 = Private
+getter.tournamentRank.3 = Corporal
+getter.tournamentRank.4 = Sergeant
+getter.tournamentRank.5 = Lieutenant
+getter.tournamentRank.6 = Major
+getter.tournamentRank.7 = Admiral
+
+getStarted.text.lets_start = Let's Get Started
+getStarted.button.openLevels.all = Open All Levels
+getStarted.button.openLevels.web = Open Web App Levels Only
+getStarted.button.openLevels.mobile = Open Mobile Levels Only
+getStarted.button.closeLevels = Close All Levels
+blockedMessage.text.heading.levelBlocked = Level Currently Blocked
+index.link.admin.cheatSheet.manage = Cheat Sheet Management
+index.link.admin.cheatSheet.manage.create = Create New Cheat Sheet
+index.link.admin.cheatSheet.manage.disable = Disable Cheat Sheets
+index.link.admin.cheatSheet.manage.enable = Enable Cheat Sheets
+index.link.admin.config.change = Change Module Layout
+index.link.admin.config.feedback = Feedback Configuration
+index.link.admin.config.openClose = Open/Close Registration
+index.link.admin.config.scoreboard = Scoreboard Configuration
+index.link.admin.config.coreDb = Set Core Database
+index.link.admin.moduleManage = Module Management
+index.link.admin.moduleManage.block = Module Block Setup
+index.link.admin.moduleManage.openClose = Open and Close Modules
+index.link.admin.moduleManage.openCloseCategory = Open or Close by Category
+index.link.admin.moduleManage.feedback = View Feedback
+index.link.admin.moduleManage.progress = View Progress
+index.link.admin.userMange = User Management
+index.link.admin.userMange.addPlayer = Add Players
+index.link.admin.userMange.addPoints = Add / Deduct Player Points
+index.link.admin.userMange.assignPlayer = Assign Players to Class
+index.link.admin.userMange.createClass = Create Class
+index.link.admin.userMange.createAdmin = Create New Admin
+index.link.admin.userMange.resetPass = Reset Password
+index.link.admin.userMange.setDefaultPlayerClass = Set Default Player Class
+index.link.admin.userMange.suspendPlayer = Suspend Player
+index.link.admin.userMange.unsuspendPlayer = Undo Suspend Player
+index.link.admin.userMange.upgradeToAdmin = Upgrade Player to Admin
+login.text.sponsers = Project k Sponsors
+readyToPlay.title.readyToPlay = Security Shepherd - Tum Taiyar ho?
+readyToPlay.header.notReady = Tum taiyar nahi ho!
+readyToPlay.title.enteredGame = tum game me enter ho gaye!
+login.text.proxy_question = Tumhe proxy chahiye?
+login.text.download_proxy = Download  HTTP Proxy yahase
+
+
+login.link.zap_win = ZAP  Windows k liye
+login.link.zap_lin = ZAP  Linux  k liye
+login.link.zap_mac = ZAP  Mac  k liye
+
+
+blockedMessage.text.info.levelBlocked = Tumh Acche ja rahe ho! Administrator ne currently is level ko closedkiya he. To ye level kab available hoga ye  janne k liye,jo is application ka in charge  hai usse puccho!
+getStarted.text.moduleInfo.openFloor = Ab tum signed in ho, lets get started with some Security Shepherd modules! To start a module, click on the list headers, <span><a>Lessons</a></span> or <span><a>Modules</a></span>, in the side menu to see what modules are currently available!
+getStarted.text.moduleInfo.incrementalFloor = Ab tum signed in ho, lets get started with some Security Shepherd challenges! To start one, click the &quot;Get Next Challenge&quot; button on the left!
+getStarted.text.moduleInfo = Ab tum signed in ho, lets get started with some Security Shepherd modules! To start a module, click on the list headers, such as <span><a>Field Training</a></span> or <span><a>Corporal</a></span>, in the side menu to see what modules are currently available! The lower down in the side menu that the module is listed, the more points it is worth! 
+getStarted.text.configureShepherd.asAnAdmin =  Administrator k taur pe tum  Security Shepherd ke scope ko set kar sakte ho. tum turant game layout ko Web or Mobile Application change kar sakate ho, 
+or you can open the Admin Module Management menu, at the top left of the page,specific topics ko open ya close krne k liye.
+getStarted.text.checkShepConfigMsg = agar tum  paragraph k bad message nahi dekh  pate to please ensure  Security Shepherd instance sahi configured hua hai.
+getStarted.text.info.changePassword = tumhara password is a temporary password. so  koi aur bhi janta hai aapke password ko! Pahele apne password ko change kar k secure bano!
+login.text.info = Use your <a><span>Security Shepherd Credentials<span></a> to Login.
+login.text.regInfo = Register a <a href="register.jsp"><span>Security Shepherd Account</span></a> here!
+login.text.about_blurb = The OWASP Security Shepherd project ko isi liye banaya gaya hai ki application security awareness  ko support mile or sudhar ho,sari tarike ki skill-set vale demographic people k liye.Is project users ko manual penetration testing skills sikhata hai aur sudhar bhi lata hai.Sare lesson aur challenge techniques se ye sabit hota hai.Ye lesson user ko module complete karne me sabhi help karega, ki jaha ye challenge user is lesson se kya sikha vo use kar shakta hai. </p><p>The OWASP Security Shepherd project covers the OWASP Top Ten web app risks and also covers the OWASP Top Ten Mobile risks as well. Using these risks as a challenge test bed, common security muskeliyo ko explre karta hai aur system par uske impact ko bhi samajata hai.  Is me se kai levels pahechan or fix nahi pane vale uplabdh workaround aur risks jaise ki blacklist filters, atrocious encoding schemes, barbaric security mechanisms and poor security configuration.The modules have been crafted to provide not only a challenge for a security novice, but security professionals as well.
+login.text.sponsers_blurb = The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter.
+login.text.thanks = The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu
+readyToPlay.text.info.notReady = Refresh the home page! If this error persists; Log out and back in! If this error continues to persist, please contact an Administrator!
+readyToPlay.text.info.enteredGame = Now that you can see this, you're good to go! Get cracking on lessons and challenges! <br/><br/> Remember, the levels you are playing are sub applications. Keep the game play in these applications!  Stay away from your session ID's! You'll just log yourself out of you change them!<br/><br/> If you havn't already configured a web proxy, you better! It makes things much easier!
+
+
+
+
+
diff --git a/SecurityShepherdCore/src/i18n/text_pt.properties b/SecurityShepherdCore/src/i18n/text_pt.properties
index d3550413a..f08d9c3dc 100644
--- a/SecurityShepherdCore/src/i18n/text_pt.properties
+++ b/SecurityShepherdCore/src/i18n/text_pt.properties
@@ -21,7 +21,7 @@ generic.text.pleaseWait = Esperar por favor
 generic.text.register = Registrar
 generic.text.scoreboard = Placar
 generic.text.searchModules = Busca liçãos
-generic.text.shepherdVersion = Security Shepherd Versão: 2.4
+generic.text.shepherdVersion = Security Shepherd Versão: 3.0
 generic.text.sorryError = Descupla, mas havia um erro
 generic.text.submitResult = Enviar seu chave resultado aqui
 generic.text.submit = Enviar
diff --git a/SecurityShepherdCore/src/i18n/text_zh.properties b/SecurityShepherdCore/src/i18n/text_zh.properties
index 902c0b15f..f33979090 100644
--- a/SecurityShepherdCore/src/i18n/text_zh.properties
+++ b/SecurityShepherdCore/src/i18n/text_zh.properties
@@ -21,7 +21,7 @@ generic.text.pleaseWait = \u8BF7\u7A0D\u4FAF!
 generic.text.register = \u6CE8\u518C
 generic.text.scoreboard = \u8BB0\u5206\u677F
 generic.text.searchModules = Search Modules
-generic.text.shepherdVersion = Security Shepherd \u7248\u672C: 2.4
+generic.text.shepherdVersion = Security Shepherd \u7248\u672C: 3.0
 generic.text.sorryError = Sorry but there was an error
 generic.text.submitResult = \u5728\u8FD9\u63D0\u4EA4\u7ED3\u679C\u94A5\u5319
 generic.text.submit = \u63D0\u4EA4
diff --git a/SecurityShepherdCore/src/jsp/admin/config/aboutShepherd.jsp b/SecurityShepherdCore/src/jsp/admin/config/aboutShepherd.jsp
index bb3560969..ca319659d 100644
--- a/SecurityShepherdCore/src/jsp/admin/config/aboutShepherd.jsp
+++ b/SecurityShepherdCore/src/jsp/admin/config/aboutShepherd.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.util.Locale, java.util.ResourceBundle, java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 
 <%
 	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: aboutShepherd.jsp *************************");
@@ -52,14 +52,14 @@ String ApplicationRoot = getServletContext().getRealPath("");
 %>
 	<h1 class="title">The OWASP Security Shepherd Project</h1>
 	<p>
-		You are currently using Security Shepherd Version 2.4
+		You are currently using Security Shepherd Version 3.0
 		<br><br>
 		The OWASP Security Shepherd project is a web and mobile application security training platform. Security Shepherd has been designed to foster and improve security awareness among a varied skill-set demographic. The aim of this project is to take AppSec novices or experienced engineers and sharpen their penetration testing skill set to security expert status. 
 		For More information, please visit the <a href="http://bit.ly/owaspSecurityShepherd">OWASP Security Shepherd Wiki Page</a>.
 		<br><br>
 		Please report any bugs or any feature requests on the <a href="http://bit.ly/securityShepherdGithub">OWASP Security Shepherd Git Repository</a>.
 	</p>
-	<%= Analytics.sponsorshipMessage %>
+	<%= Analytics.sponsorshipMessage(new Locale(Validate.validateLanguage(request.getSession()))) %>
 	<br/>
 	<br/>
 	<div id="badData" style="display: none;"></div>
diff --git a/SecurityShepherdCore/src/jsp/admin/config/configCheats.jsp b/SecurityShepherdCore/src/jsp/admin/config/configCheats.jsp
index afe3cc0d5..b2dc93f9b 100644
--- a/SecurityShepherdCore/src/jsp/admin/config/configCheats.jsp
+++ b/SecurityShepherdCore/src/jsp/admin/config/configCheats.jsp
@@ -109,9 +109,6 @@ if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
 				}
 				//Show Disable Dialog
 				$("#disableCheats").slideDown("slow");
-				$('html, body').animate({
-			        scrollTop: $("#resultDiv").offset().top
-			    }, 1000);
 			});
 		});
 	});
@@ -144,9 +141,6 @@ if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
 				}
 				//Show Disable Dialog
 				$("#disableCheats").slideDown("slow");
-				$('html, body').animate({
-			        scrollTop: $("#resultDiv").offset().top
-			    }, 1000);
 			});
 		});
 	});
@@ -178,9 +172,6 @@ if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
 				}
 				//Show Enable Dialog
 				$("#enableCheats").slideDown("slow");
-				$('html, body').animate({
-			        scrollTop: $("#resultDiv").offset().top
-			    }, 1000);
 			});
 		});
 	});
diff --git a/SecurityShepherdCore/src/jsp/admin/config/configFeedback.jsp b/SecurityShepherdCore/src/jsp/admin/config/configFeedback.jsp
index 4cfda7d5a..e2fd6aa5e 100644
--- a/SecurityShepherdCore/src/jsp/admin/config/configFeedback.jsp
+++ b/SecurityShepherdCore/src/jsp/admin/config/configFeedback.jsp
@@ -105,9 +105,6 @@ if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
 				}
 				//Show Disable Dialog
 				$("#disableFeedback").slideDown("slow");
-				$('html, body').animate({
-			        scrollTop: $("#resultDiv").offset().top
-			    }, 1000);
 			});
 		});
 	});
@@ -139,9 +136,6 @@ if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
 				}
 				//Show Enable Dialog
 				$("#enableFeedback").slideDown("slow");
-				$('html, body').animate({
-			        scrollTop: $("#resultDiv").offset().top
-			    }, 1000);
 			});
 		});
 	});
diff --git a/SecurityShepherdCore/src/jsp/admin/moduleManagement/changeLevelLayout.jsp b/SecurityShepherdCore/src/jsp/admin/moduleManagement/changeLevelLayout.jsp
index 7533fa14d..5dd12173d 100644
--- a/SecurityShepherdCore/src/jsp/admin/moduleManagement/changeLevelLayout.jsp
+++ b/SecurityShepherdCore/src/jsp/admin/moduleManagement/changeLevelLayout.jsp
@@ -99,6 +99,7 @@ if (request.getSession() != null) //Session If
 					<br>
 					<script>
 					var theCsrfToken = "<%= csrfToken %>";
+					var theRefreshError = "Could not Refresh Menu";
 					
 					$("#enableCtfMode").click(function(){
 						$("#ctfLoadingDiv").show("fast");
@@ -138,10 +139,14 @@ if (request.getSession() != null) //Session If
 									$("#badData").show("slow");
 									$("#ctfDiv").slideDown("slow");
 								}
+								var scrollTo = $("#currentModeTitle").offset().top;
+								scrollTo = scrollTo - 60;
 								$('html, body').animate({
-							        scrollTop: $("#currentModeTitle").offset().top
+							        scrollTop: scrollTo
 							    }, 1000);
 							});
+							//Refresh the Side Menu
+							refreshSideMenu(theCsrfToken, theRefreshError);
 						});
 					});
 					
@@ -182,10 +187,14 @@ if (request.getSession() != null) //Session If
 									$("#badData").show("slow");
 									$("#openFloor").slideDown("slow");
 								}
+								var scrollTo = $("#currentModeTitle").offset().top;
+								scrollTo = scrollTo - 60;
 								$('html, body').animate({
-							        scrollTop: $("#currentModeTitle").offset().top
+							        scrollTop: scrollTo
 							    }, 1000);
 							});
+							//Refresh the Side Menu
+							refreshSideMenu(theCsrfToken, theRefreshError);
 						});
 					});
 					
@@ -226,10 +235,14 @@ if (request.getSession() != null) //Session If
 									$("#badData").show("slow");
 									$("#tournament").slideDown("slow");
 								}	
+								var scrollTo = $("#currentModeTitle").offset().top;
+								scrollTo = scrollTo - 60;
 								$('html, body').animate({
-							        scrollTop: $("#currentModeTitle").offset().top
+							        scrollTop: scrollTo
 							    }, 1000);
 							});
+							//Refresh the Side Menu
+							refreshSideMenu(theCsrfToken, theRefreshError);
 						});
 					});
 					</script>
diff --git a/SecurityShepherdCore/src/jsp/admin/moduleManagement/incrementalModules.jsp b/SecurityShepherdCore/src/jsp/admin/moduleManagement/incrementalModules.jsp
deleted file mode 100644
index 0454af48a..000000000
--- a/SecurityShepherdCore/src/jsp/admin/moduleManagement/incrementalModules.jsp
+++ /dev/null
@@ -1,109 +0,0 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
-
-<%
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: incrementalModules.jsp *************************");
-
-/**
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- * 
- * @author Mark Denihan
- */
- 
-if (request.getSession() != null)
-{
-HttpSession ses = request.getSession();
-Getter get = new Getter();
-//Getting CSRF Token from client
-Cookie tokenCookie = null;
-try
-{
-	tokenCookie = Validate.getToken(request.getCookies());
-}
-catch(Exception htmlE)
-{
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(incrementalModules.jsp): tokenCookie Error:" + htmlE.toString());
-}
-// validateAdminSession ensures a valid session, and valid administrator credentials
-// Also, if tokenCookie != null, then the page is good to continue loading
-// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
-Object tokenParmeter = request.getParameter("csrfToken");
-if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
-{
-	//Logging Username
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-// Getting Session Variables
-//This encoder should escape all output to prevent XSS attacks. This should be performed everywhere for safety
-Encoder encoder = ESAPI.encoder();
-String csrfToken = encoder.encodeForHTMLAttribute(tokenCookie.getValue());
-String ApplicationRoot = getServletContext().getRealPath("");
-%>
-	<div id="formDiv" class="post">
-		<h1 class="title">CTF Mode</h1>
-		<div class="entry">
-			<form id="theForm" action="javascript:;">
-				<% if (!ModulePlan.incrementalFloor) {%>
-					<p>If you enable the CTF floor plan, players will have to complete lessons to unlock links to the next module.</p>
-					<div id="badData"></div>
-					<input type="hidden" id="csrfToken" value="<%= csrfToken %>"/>
-					<table align="center">
-						<tr><td colspan="2" align="center">
-							<input type="submit" id="submitButton" value="Enable CTF Mode"/>
-						</td></tr>
-					</table>
-					<script>					
-					$("#theForm").submit(function(){
-						var theCsrfToken = $('#csrfToken').val();
-						//The Ajax Operation
-						var ajaxCall = $.ajax({
-							type: "POST",
-							url: "incrementalModules",
-							data: {
-								csrfToken: theCsrfToken
-							},
-							async: false
-						});
-						if(ajaxCall.status == 200)
-						{
-							$("#contentDiv").hide("fast", function(){
-								$("#contentDiv").html(ajaxCall.responseText);
-								$("#contentDiv").show("fast");
-							});
-						}
-						else
-						{
-							$("#badData").html("<div id='errorAlert'><p> Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "</p></div>");
-						}
-					});
-					</script>
-				<% } else { %>
-					<p>CTF Mode is already enabled!</p>
-				<% } %>
-			</form>
-			<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
-		</div>
-	</div>
-	<%
-}
-else
-{
-response.sendRedirect("../../loggedOutSheep.html");
-}
-}
-else
-{
-response.sendRedirect("../../loggedOutSheep.html");
-}
-%>
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/admin/moduleManagement/moduleBlock.jsp b/SecurityShepherdCore/src/jsp/admin/moduleManagement/moduleBlock.jsp
index 7475336e8..6d8f1b7bf 100644
--- a/SecurityShepherdCore/src/jsp/admin/moduleManagement/moduleBlock.jsp
+++ b/SecurityShepherdCore/src/jsp/admin/moduleManagement/moduleBlock.jsp
@@ -127,9 +127,6 @@ String ApplicationRoot = getServletContext().getRealPath("");
 									$("#badData").show("slow");
 								}
 								$("#enableBlockForm").slideDown("slow");
-								$('html, body').animate({
-							        scrollTop: $("#resultDiv").offset().top
-							    }, 1000);
 							});
 						});
 					});
@@ -161,9 +158,6 @@ String ApplicationRoot = getServletContext().getRealPath("");
 										$("#badData").show("slow");
 									}
 									$("#removeModuleBlockDiv").slideDown("slow");
-									$('html, body').animate({
-								        scrollTop: $("#resultDiv").offset().top
-								    }, 1000);
 								});
 							});
 						});
diff --git a/SecurityShepherdCore/src/jsp/admin/moduleManagement/openCloseByCategory.jsp b/SecurityShepherdCore/src/jsp/admin/moduleManagement/openCloseByCategory.jsp
index 9bda5d1be..6241856f8 100644
--- a/SecurityShepherdCore/src/jsp/admin/moduleManagement/openCloseByCategory.jsp
+++ b/SecurityShepherdCore/src/jsp/admin/moduleManagement/openCloseByCategory.jsp
@@ -111,11 +111,11 @@ String ApplicationRoot = getServletContext().getRealPath("");
 						}
 						console.log('Showing Form');
 						$("#submitButton").slideDown("slow");
-						$('html, body').animate({
-					        scrollTop: $("#resultDiv").offset().top
-					    }, 1000);
 					});
 				});
+				var theRefreshError = "Could not Refresh Menu";
+				//Refresh the Side Menu
+				refreshSideMenu(theCsrfToken, theRefreshError);
 			});
 			
 			$("#openCategories").click(function(){
@@ -143,6 +143,8 @@ String ApplicationRoot = getServletContext().getRealPath("");
 							//Now output Result Div and Show
 							$("#resultDiv").html(ajaxCall.responseText);
 							$("#resultDiv").show("fast");
+							//Refresh the Side Menu
+							refreshSideMenu(theCsrfToken, theRefreshError);
 						}
 						else
 						{
@@ -156,6 +158,7 @@ String ApplicationRoot = getServletContext().getRealPath("");
 					    }, 1000);
 					});
 				});
+				var theRefreshError = "Could not Refresh Menu";
 			});
 			</script>
 			<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
diff --git a/SecurityShepherdCore/src/jsp/admin/moduleManagement/openFloor.jsp b/SecurityShepherdCore/src/jsp/admin/moduleManagement/openFloor.jsp
deleted file mode 100644
index 236b7857c..000000000
--- a/SecurityShepherdCore/src/jsp/admin/moduleManagement/openFloor.jsp
+++ /dev/null
@@ -1,109 +0,0 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
-
-<%
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: openFloor.jsp *************************");
-
-/**
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- * 
- * @author Mark Denihan
- */
- 
-if (request.getSession() != null)
-{
-HttpSession ses = request.getSession();
-Getter get = new Getter();
-//Getting CSRF Token from client
-Cookie tokenCookie = null;
-try
-{
-	tokenCookie = Validate.getToken(request.getCookies());
-}
-catch(Exception htmlE)
-{
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(openFloor.jsp): tokenCookie Error:" + htmlE.toString());
-}
-// validateAdminSession ensures a valid session, and valid administrator credentials
-// Also, if tokenCookie != null, then the page is good to continue loading
-// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
-Object tokenParmeter = request.getParameter("csrfToken");
-if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
-{
-	//Logging Username
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-// Getting Session Variables
-//This encoder should escape all output to prevent XSS attacks. This should be performed everywhere for safety
-Encoder encoder = ESAPI.encoder();
-String csrfToken = encoder.encodeForHTMLAttribute(tokenCookie.getValue());
-String ApplicationRoot = getServletContext().getRealPath("");
-%>
-	<div id="formDiv" class="post">
-		<h1 class="title">Open Module Floor Plan</h1>
-		<div class="entry">
-			<form id="theForm" action="javascript:;">
-				<% if (!ModulePlan.isOpenFloor()) {%>
-					<p>If you enable an open floor plan, players will be able to attempt any level regardless of previous progress.</p>
-					<div id="badData"></div>
-					<input type="hidden" id="csrfToken" value="<%= csrfToken %>"/>
-					<table align="center">
-						<tr><td colspan="2" align="center">
-							<input type="submit" id="submitButton" value="Enable Open Floor Plan"/>
-						</td></tr>
-					</table>
-					<script>					
-					$("#theForm").submit(function(){
-						var theCsrfToken = $('#csrfToken').val();
-						//The Ajax Operation
-						var ajaxCall = $.ajax({
-							type: "POST",
-							url: "openFloorModules",
-							data: {
-								csrfToken: theCsrfToken
-							},
-							async: false
-						});
-						if(ajaxCall.status == 200)
-						{
-							$("#contentDiv").hide("fast", function(){
-								$("#contentDiv").html(ajaxCall.responseText);
-								$("#contentDiv").show("fast");
-							});
-						}
-						else
-						{
-							$("#badData").html("<div id='errorAlert'><p> Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "</p></div>");
-						}
-					});
-					</script>
-				<% } else { %>
-					<p>Open Floor Plan is already enabled!</p>
-				<% } %>
-			</form>
-			<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
-		</div>
-	</div>
-	<%
-}
-else
-{
-	response.sendRedirect("../../loggedOutSheep.html");
-}
-}
-else
-{
-	response.sendRedirect("../../loggedOutSheep.html");
-}
-%>
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/admin/moduleManagement/setStatus.jsp b/SecurityShepherdCore/src/jsp/admin/moduleManagement/setStatus.jsp
index 6aaff6b58..4c7e3cb64 100644
--- a/SecurityShepherdCore/src/jsp/admin/moduleManagement/setStatus.jsp
+++ b/SecurityShepherdCore/src/jsp/admin/moduleManagement/setStatus.jsp
@@ -109,9 +109,8 @@ String ApplicationRoot = getServletContext().getRealPath("");
 					$("#badData").show("slow");
 				}
 				$("#formDiv").slideDown("slow");
-				$('html, body').animate({
-			        scrollTop: $("#resultDiv").offset().top
-			    }, 1000);
+				//Refresh the Side Menu
+				refreshSideMenu(theCsrfToken, theRefreshError);
 			});
 		});
 	});
diff --git a/SecurityShepherdCore/src/jsp/admin/moduleManagement/tournamentFloor.jsp b/SecurityShepherdCore/src/jsp/admin/moduleManagement/tournamentFloor.jsp
deleted file mode 100644
index e7758400b..000000000
--- a/SecurityShepherdCore/src/jsp/admin/moduleManagement/tournamentFloor.jsp
+++ /dev/null
@@ -1,109 +0,0 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
-
-<%
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: tournyFloor.jsp *************************");
-
-/**
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- * 
- * @author Mark Denihan
- */
- 
-if (request.getSession() != null)
-{
-HttpSession ses = request.getSession();
-Getter get = new Getter();
-//Getting CSRF Token from client
-Cookie tokenCookie = null;
-try
-{
-	tokenCookie = Validate.getToken(request.getCookies());
-}
-catch(Exception htmlE)
-{
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG(tournyFloor.jsp): tokenCookie Error:" + htmlE.toString());
-}
-// validateAdminSession ensures a valid session, and valid administrator credentials
-// Also, if tokenCookie != null, then the page is good to continue loading
-// Token is now validated when accessing admin pages to stop attackers causing other users to tigger logs of access attempts
-Object tokenParmeter = request.getParameter("csrfToken");
-if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
-{
-	//Logging Username
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Accessed by: " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-// Getting Session Variables
-//This encoder should escape all output to prevent XSS attacks. This should be performed everywhere for safety
-Encoder encoder = ESAPI.encoder();
-String csrfToken = encoder.encodeForHTMLAttribute(tokenCookie.getValue());
-String ApplicationRoot = getServletContext().getRealPath("");
-%>
-	<div id="formDiv" class="post">
-		<h1 class="title">Tournament Floor Plan</h1>
-		<div class="entry">
-			<form id="theForm" action="javascript:;">
-				<% if (!ModulePlan.isTournyFloor()) {%>
-					<p>If you enable a tournament floor plan, players will be able to attempt any level regardless of previous progress. Levels will be sorted into belts of difficulty rather than their topic categories.</p>
-					<div id="badData"></div>
-					<input type="hidden" id="csrfToken" value="<%= csrfToken %>"/>
-					<table align="center">
-						<tr><td colspan="2" align="center">
-							<input type="submit" id="submitButton" value="Enable Tournament Floor Plan"/>
-						</td></tr>
-					</table>
-					<script>					
-					$("#theForm").submit(function(){
-						var theCsrfToken = $('#csrfToken').val();
-						//The Ajax Operation
-						var ajaxCall = $.ajax({
-							type: "POST",
-							url: "tournyFloorModules",
-							data: {
-								csrfToken: theCsrfToken
-							},
-							async: false
-						});
-						if(ajaxCall.status == 200)
-						{
-							$("#contentDiv").hide("fast", function(){
-								$("#contentDiv").html(ajaxCall.responseText);
-								$("#contentDiv").show("fast");
-							});
-						}
-						else
-						{
-							$("#badData").html("<div id='errorAlert'><p> Sorry but there was an error: " + ajaxCall.status + " " + ajaxCall.statusText + "</p></div>");
-						}
-					});
-					</script>
-				<% } else { %>
-					<p>Open Floor Plan is already enabled!</p>
-				<% } %>
-			</form>
-			<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
-		</div>
-	</div>
-	<%
-}
-else
-{
-	response.sendRedirect("../../loggedOutSheep.html");
-}
-}
-else
-{
-	response.sendRedirect("../../loggedOutSheep.html");
-}
-%>
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/admin/userManagement/assignPlayers.jsp b/SecurityShepherdCore/src/jsp/admin/userManagement/assignPlayers.jsp
index a1f0d2663..0422b6c0e 100644
--- a/SecurityShepherdCore/src/jsp/admin/userManagement/assignPlayers.jsp
+++ b/SecurityShepherdCore/src/jsp/admin/userManagement/assignPlayers.jsp
@@ -177,7 +177,7 @@ if(Validate.validateAdminSession(ses, tokenCookie, tokenParmeter))
 				},
 				async: false
 			});
-			$("#loadingSign").hide("fast", function(){
+			$("#loadingDiv").hide("fast", function(){
 				if(ajaxCall.status == 200)
 				{
 					if(ajaxCall.responseText == '')
diff --git a/SecurityShepherdCore/src/jsp/blockedMessage.jsp b/SecurityShepherdCore/src/jsp/blockedMessage.jsp
index c327e963d..0abf46004 100644
--- a/SecurityShepherdCore/src/jsp/blockedMessage.jsp
+++ b/SecurityShepherdCore/src/jsp/blockedMessage.jsp
@@ -1,4 +1,5 @@
 <%@ page contentType="text/html; charset=iso-8859-1" language="java" import="dbProcs.Getter, utils.*" errorPage="" %>
+<%@ include file="translation.jsp" %>
 <%
 	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "DEBUG: scoreboard.jsp *************************");
 
@@ -49,7 +50,7 @@
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><fmt:message key="generic.label.pleaseWait" /></h2>
+			<h2 class="title"><fmt:message key="generic.text.pleaseWait" /></h2>
 			<p> 
 				<fmt:message key="blockedMessage.text.info.levelBlocked" />
 				<br/><br/>
diff --git a/SecurityShepherdCore/src/jsp/challenges/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.jsp b/SecurityShepherdCore/src/jsp/challenges/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.jsp
index bd726569e..ca723d927 100644
--- a/SecurityShepherdCore/src/jsp/challenges/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/06f81ca93f26236112f8e31f32939bd496ffe8c9f7b564bce32bd5e3a8c2f751.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 	// Cross Site Scripting Challenge 4
@@ -59,10 +59,14 @@ String translatedLevelName = bundle.getString("challenge.challengeName");
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= encoder.encodeForHTML(translatedLevelName) %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= encoder.encodeForHTML(translatedLevelName) %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/072a9e4fc888562563adf8a89fa55050e3e1cfbbbe1d597b0537513ac8665295.jsp b/SecurityShepherdCore/src/jsp/challenges/072a9e4fc888562563adf8a89fa55050e3e1cfbbbe1d597b0537513ac8665295.jsp
index a471be66c..e471e45f7 100644
--- a/SecurityShepherdCore/src/jsp/challenges/072a9e4fc888562563adf8a89fa55050e3e1cfbbbe1d597b0537513ac8665295.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/072a9e4fc888562563adf8a89fa55050e3e1cfbbbe1d597b0537513ac8665295.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*, org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,15 @@
 String levelName = "Mobile Reverse Engineer 1";
 //Alphanumeric Only
 String levelHash = "072a9e4fc888562563adf8a89fa55050e3e1cfbbbe1d597b0537513ac8665295.jsp";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.reverseEngineer.reverseEngineer", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String i18nLevelName = bundle.getString("challenge1.challengeName");
+String paragraph1 = bundle.getString("challenge1.para1");
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
 {
@@ -44,25 +52,28 @@ if (request.getSession() != null)
 	if (Validate.validateSession(ses) && tokenCookie != null)
 	{
 		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+		
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
+	<title>Security Shepherd - <%= i18nLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
 				<br/>
-				This key to this challenge is the App author's name. Find it to complete the challenge.
+				<%= paragraph1 %>
 				<br/>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("ReverseEngineer2.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " ReverseEngineer1.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 				
 			</p>
 		</div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/11ccaf2f3b2aa4f88265b9cacb5e0ed26b11af978523e34528cf0bb9d32de851.jsp b/SecurityShepherdCore/src/jsp/challenges/11ccaf2f3b2aa4f88265b9cacb5e0ed26b11af978523e34528cf0bb9d32de851.jsp
index d6bfe7f17..360acd248 100644
--- a/SecurityShepherdCore/src/jsp/challenges/11ccaf2f3b2aa4f88265b9cacb5e0ed26b11af978523e34528cf0bb9d32de851.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/11ccaf2f3b2aa4f88265b9cacb5e0ed26b11af978523e34528cf0bb9d32de851.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"  language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,14 @@
 String levelName = "Mobile Insecure Data Storage 3";
 //Alphanumeric Only
 String levelHash = "11ccaf2f3b2aa4f88265b9cacb5e0ed26b11af978523e34528cf0bb9d32de851";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.insecureData.insecureDataStrings", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+//Used more than once translations
+String LevelName = bundle.getString("challenge3.challengeName");
+String paragraph1 = bundle.getString("challenge3.para1");
 
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -52,21 +59,23 @@ if (request.getSession() != null)
 	<title>Security Shepherd - <%= levelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= levelName %></h2>
 			<p> 
 				<br/>
 				
-				Not all Apps will use <a>sqlite</a> to store user data, in some cases <a>SharedPreferences</a> is used. The key to this level can be gained once you log in as a legitimate user. 
+				<%= paragraph1 %>
 				
 				<br/>
 				<br/>
 				
-				<%= Analytics.getMobileLevelBlurb("InsecureData4.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " InsecureData4.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 				
 			</p>
 		</div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.jsp b/SecurityShepherdCore/src/jsp/challenges/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.jsp
index dc65c0f8a..12931e4ba 100644
--- a/SecurityShepherdCore/src/jsp/challenges/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c.jsp
@@ -1,5 +1,6 @@
 <%@page import="servlets.module.challenge.DirectObjectBankLogin"%>
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*, servlets.module.challenge.DirectObjectBankLogin" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*, servlets.module.challenge.DirectObjectBankLogin" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,9 +24,13 @@
 //No Quotes In level Name
 String levelName = "Insecure Direct Object Reference Bank Challenge";
 //Alphanumeric Only
-String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
-//Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "Not used - See Below";
+String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c"; 
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.directObject." + levelHash, locale);
+//Used more than once translations
+String i18nChallengeName = bundle.getString("challenge.challengeName");
 
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -59,47 +64,50 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= levelName %></h2>
 			<p> 
-				To complete this challenge you must sign in to a bank account that has more than 5000000 euro in it. If you have more than this amount in your account, just sign out and back in again of the bank account to get the key, or open this level again.
+				<%= bundle.getString("challenge.whatToDo") %>
 				<br/>
 				<br/>
-				<h1 class='title'>InsecureDirectBank</h1>
-				<p>Hey new customers. We're up and coming in the banking sector and would like to give you a free account. Just create an account and sign in here:</p>
+				<h1 class='title'><%= bundle.getString("insecureBank.title") %></h1>
+				<p><%= bundle.getString("insecureBank.message") %></p>
 				<div id="unauthDiv" <% if(bankSessionDetected){ %> style="display: none;" <% } %>>
-					<h2 class="title">Sign in Now!</h2>
-					<p>Use this form to sign into your account now!</p>
+					<h2 class="title"><%= bundle.getString("insecureBank.signInNow") %></h2>
+					<p><%= bundle.getString("insecureBank.signInNow.message") %></p>
 					<div id="loginFormDiv">
 						<form id="loginForm" action="javascript:;">
 							<table>
-								<tr><td>Account Holder: </td><td><input type="text" id="loginAccountHolder"></td></tr>
-								<tr><td>Account Password: </td><td><input type="password" id="loginAccountPassword"></td></tr>
-								<tr><td colspan="2"><input type="submit" value="Sign Into Bank Account"></td></tr>
+								<tr><td><%= bundle.getString("loginForm.holder") %> </td><td><input type="text" id="loginAccountHolder" autocomplete="off"></td></tr>
+								<tr><td><%= bundle.getString("loginForm.password") %> </td><td><input type="password" id="loginAccountPassword" autocomplete="off"></td></tr>
+								<tr><td colspan="2"><input type="submit" value="<%= bundle.getString("loginForm.signIn") %>"></td></tr>
 							</table>
 						</form>
 					</div>
-					<p style="display: none;" id="loginLoadingSign">Loading...</p>
+					<p style="display: none;" id="loginLoadingSign"><%= bundle.getString("form.loading") %></p>
 					<div id="loginResultsDiv"></div>
 					<br>
 					<br>
-					<h2 class="title">Register An Account!</h2>
-					<p>Use this form to register an account now!</p>
+					<h2 class="title"><%= bundle.getString("register.makeAccount") %></h2>
+					<p><%= bundle.getString("register.makeAccount.message") %></p>
 					<div id="registrationFormDiv">
 						<form id="registrationForm" action="javascript:;">
 							<table>
-								<tr><td>Account Holder: </td><td><input type="text" id="registrationAccountHolder"></td></tr>
-								<tr><td>Account Password: </td><td><input type="password" id="registrationAccountPassword"></td></tr>
-								<tr><td colspan="2"><input type="submit" value="Create Bank Account"></td></tr>
+								<tr><td><%= bundle.getString("loginForm.holder") %> </td><td><input type="text" id="registrationAccountHolder" autocomplete="off"></td></tr>
+								<tr><td><%= bundle.getString("loginForm.password") %> </td><td><input type="password" id="registrationAccountPassword" autocomplete="off"></td></tr>
+								<tr><td colspan="2"><input type="submit" value="<%= bundle.getString("register.createAccount") %>"></td></tr>
 							</table>
 						</form>
 					</div>
-					<p style="display: none;" id="registrationLoadingSign">Loading...</p>
+					<p style="display: none;" id="registrationLoadingSign"><%= bundle.getString("form.loading") %></p>
 					<div id="registrationResultsDiv"></div>
 				</div>
 				<div id="authenticatedDiv" <% if(!bankSessionDetected){ %> style="display: none;"<% } %>>
@@ -137,7 +145,7 @@ if (request.getSession() != null)
 							if(ajaxCall.responseText.startsWith("ERROR"))
 								$("#loginResultsDiv").html(ajaxCall.responseText);
 							else
-								$("#loginResultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+								$("#loginResultsDiv").html("<p> <%= bundle.getString("error.occurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
 							$("#loginResultsDiv").show("fast");
 							$("#loginFormDiv").slideDown("slow");
 						}
@@ -167,7 +175,7 @@ if (request.getSession() != null)
 						}
 						else
 						{
-							$("#registrationResultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + ".</p>");
+							$("#registrationResultsDiv").html("<p> <%= bundle.getString("error.occurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + ".</p>");
 						}
 						$("#registrationResultsDiv").show("fast");
 						$("#registrationFormDiv").slideDown("slow");
@@ -206,7 +214,7 @@ if (request.getSession() != null)
 							if(ajaxCall.responseText.startsWith("ERROR"))
 								$("#refreshResultsDiv").html("ajaxCall.responseText");
 							else
-								$("#refreshResultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+								$("#refreshResultsDiv").html("<p> <%= bundle.getString("error.occurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
 						}
 						$("#refreshResultsDiv").show("fast");
 						$("#refreshFormDiv").slideDown("slow");
@@ -249,7 +257,7 @@ if (request.getSession() != null)
 						}
 						else
 						{
-							$("#transferResultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+							$("#transferResultsDiv").html("<p> <%= bundle.getString("error.occurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
 						}
 						$("#transferResultsDiv").show("fast");
 						$("#transferFundsForm").slideDown("slow");
@@ -294,7 +302,7 @@ if (request.getSession() != null)
 							if(ajaxCall.responseText.startsWith("ERROR"))
 								$("#logoutResultsDiv").html(ajaxCall.responseText);
 							else
-								$("#logoutResultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+								$("#logoutResultsDiv").html("<p> <%= bundle.getString("error.occurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
 							$("#logoutResultsDiv").show("fast");
 							$("#logoutFormDiv").slideDown("slow");
 						}
diff --git a/SecurityShepherdCore/src/jsp/challenges/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.jsp b/SecurityShepherdCore/src/jsp/challenges/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.jsp
index 1fde20e63..a686ab207 100644
--- a/SecurityShepherdCore/src/jsp/challenges/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -28,7 +28,7 @@ String levelHash = "1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae9
 
 //Translation Stuff
 Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
 //Used more than once translations
 String i18nLevelName = bundle.getString("challenge.challengeName");
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
@@ -55,17 +55,21 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
 				<%= bundle.getString("challenge.description") %>
 				<br />
 				<br />
-				<h2><%= bundle.getString("challenge.superSecurePayments") %></h2>
+				<h2 class="title"><%= bundle.getString("challenge.superSecurePayments") %></h2>
 				<form id="leForm" action="javascript:;" autocomplete="off">
 					<table>
 					<tr><td colspan="2">
@@ -74,12 +78,12 @@ if (request.getSession() != null)
 					<tr><td>
 						<%= bundle.getString("challenge.form.userName") %> 
 					</td><td>
-						<input style="width: 200px;" id="theUserName" type="text" />
+						<input style="width: 200px;" id="theUserName" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<%= bundle.getString("challenge.form.password") %> 
 					</td><td>
-						<input style="width: 200px;" id="thePassword" type="password" />
+						<input style="width: 200px;" id="thePassword" type="password" autocomplete="off"/>
 					</td></tr>
 					<tr><td colspan="2">
 						<div id="submitButton"><input type="submit" value="Get user"/></div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5.jsp b/SecurityShepherdCore/src/jsp/challenges/20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5.jsp
index e511e54d9..99e1328be 100644
--- a/SecurityShepherdCore/src/jsp/challenges/20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,12 @@
 String levelName = "Poor Validation 2";
 //Alphanumeric Only
 String levelHash = "20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5";
-//Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "Not used - See Below";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.poorValidation.poorValidationStrings", locale);
+//Used more than once translations
+String i18nLevelName = bundle.getString("poorValidation.2.challengeName");
 
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -49,29 +54,32 @@ if (request.getSession() != null)
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
-				If you can buy trolls for free you'll receive the key for this level!
+				<%= bundle.getString("poorValidation.whatToDo") %>
 				<br/>
 				<br/>
-				<h3>Super Meme Shopping</h3>
-				Use this shop to buy whatever old memes you like!
+				<h3 class="title"><%= bundle.getString("poorValidation.shopping") %></h3>
+				<p><%= bundle.getString("poorValidation.shopping.whatToDo") %></p>
 				<br />
 				<br />
 				<form id="leForm" action="javascript:;">
 					<table>
 					<!-- Header -->
 					<tr>
-						<th>Picture</th>
-						<th>Cost</th>
-						<th>Quantity</th>
+						<th><%= bundle.getString("poorValidation.picture") %></th>
+						<th><%= bundle.getString("poorValidation.cost") %></th>
+						<th><%= bundle.getString("poorValidation.quantity") %></th>
 					</tr>
 					<!-- Rage Row -->
 					<tr>
@@ -98,12 +106,12 @@ if (request.getSession() != null)
 						<td><input type="text" style="width: 20px" value="0" id="numberOfMegusta" autocomplete="off"/>
 					</tr>
 					</table>
-					Please select how many items you would like to buy and click submit
+					<p><%= bundle.getString("poorValidation.howToShop") %></p>
 					<table>
 					<tr><td>			
 						<div id="submitButton">
-						<input type="submit" value="Place Order"/></div>
-						<p style="display: none;" id="loadingSign">Loading...</p>
+						<input type="submit" value="<%= bundle.getString("poorValidation.placeOrder") %>"/></div>
+						<p style="display: none;" id="loadingSign"><%= bundle.getString("poorValidation.loading") %></p>
 					</td></tr>
 					</table>
 				</form>
@@ -137,7 +145,7 @@ if (request.getSession() != null)
 					}
 					else
 					{
-						$("#resultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+						$("#resultsDiv").html("<p> <%= bundle.getString("error.occurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
 					}
 					$("#resultsDiv").show("slow", function(){
 						$("#loadingSign").hide("fast", function(){
diff --git a/SecurityShepherdCore/src/jsp/challenges/269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80.jsp b/SecurityShepherdCore/src/jsp/challenges/269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80.jsp
index 667d9d86d..61d751c37 100644
--- a/SecurityShepherdCore/src/jsp/challenges/269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/269d55bc0e0ff635dcaeec8533085e5eae5d25e8646dcd4b05009353c9cf9c80.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle" %>
 <%
 // Broken Authentication and Session Management Challenge 7
@@ -57,10 +57,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa.jsp b/SecurityShepherdCore/src/jsp/challenges/278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa.jsp
index 1390e77ae..b83139f96 100644
--- a/SecurityShepherdCore/src/jsp/challenges/278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/278fa30ee727b74b9a2522a5ca3bf993087de5a0ac72adff216002abf79146fa.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 
@@ -58,10 +58,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 				
diff --git a/SecurityShepherdCore/src/jsp/challenges/2da053b4afb1530a500120a49a14d422ea56705a7e3fc405a77bc269948ccae1.jsp b/SecurityShepherdCore/src/jsp/challenges/2da053b4afb1530a500120a49a14d422ea56705a7e3fc405a77bc269948ccae1.jsp
index 7d605b1fc..78e247f02 100644
--- a/SecurityShepherdCore/src/jsp/challenges/2da053b4afb1530a500120a49a14d422ea56705a7e3fc405a77bc269948ccae1.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/2da053b4afb1530a500120a49a14d422ea56705a7e3fc405a77bc269948ccae1.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * This level uses XOR's user input with a key. the vulnerability in the cipher is if the attacker submits spaces, the key will be revealed after the XOR.
@@ -24,8 +25,15 @@
 String levelName = "Insecure Cyrpto Challenge 3";
 //Alphanumeric Only
 String levelHash = "2da053b4afb1530a500120a49a14d422ea56705a7e3fc405a77bc269948ccae1";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.insecureCryptoStorage.insecureCryptoStorage", locale);
+//Used more than once translations
+String i18nLevelName = bundle.getString("insecureCryptoStorage.3.challengename");
 //Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "The result key to this level is the same as the encryption key used in the following sub application. Break the cipher and recover the encryption key! The result key is in all caps.";
+String levelBlurb = bundle.getString("insecureCyrptoStorage.3.whatToDo");
+
 //Logs the IP, Forwarded IP that acceeded this level with the level name in the debug for convience. If you want to log more stuff in the JSP use this as an example
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -51,35 +59,40 @@ if (request.getSession() != null)
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
 				<%= levelBlurb %>
 				<form id="leForm" action="javascript:;">
 					<table>
 					<tr><td>
-						Cipher text to decrypt: 
+						<%= bundle.getString("insecureCyrptoStorage.3.ciphertextToDecrypt") %>
 					</td><td>
 						<input type="text" width="130px" id="userInput" autocomplete="off">
 					</td></tr>
 					<tr><td colspan="2">			
 						<div id="submitButton">
-						<input type="submit" value="Decrypt"/></div>
-						<p style="display: none;" id="loadingSign">Loading...</p>
-						<div style="display: none;" id="hintButton"><input type="button" value="Would you like a hint?" id="theHintButton"/></div>
+						<input type="submit" value="<%= bundle.getString("insecureCyrptoStorage.decrypt") %>"/></div>
+						<p style="display: none;" id="loadingSign"><%= bundle.getString("insecureCyrptoStorage.loading") %></p>
 					</td></tr>
 					</table>
 				</form>
 				
-				<div id="resultsDiv"><h2>Cipher text Example</h2><p>Try to decrypt this: IAAAAEkQBhEVBwpDHAFJGhYHSBYEGgocAw==</p></div>
+				<div id="resultsDiv">
+					<h2 class="title"><%= bundle.getString("insecureCyrptoStorage.3.ciphertextExample") %></h2>
+					<p><%= bundle.getString("insecureCyrptoStorage.3.tryDecryptThis") %> IAAAAEkQBhEVBwpDHAFJGhYHSBYEGgocAw==</p>
+				</div>
 			</p>
 		</div>
-		<% /*If you need to call the Server Do it like this */ %>
 		<script>
 			$("#leForm").submit(function(){
 				var theUserInput = $("#userInput").val();
@@ -100,7 +113,7 @@ if (request.getSession() != null)
 					}
 					else
 					{
-						$("#resultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+						$("#resultsDiv").html("<p> <%= bundle.getString("insecureCyrptoStorage.errorOccurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
 					}
 					$("#resultsDiv").show("slow", function(){
 						$("#loadingSign").hide("fast", function(){
diff --git a/SecurityShepherdCore/src/jsp/challenges/2e0981dcb8278a57dcfaae3b8da0c78d5a70c2d38ea9d8b3e14db3aea01afcbb.jsp b/SecurityShepherdCore/src/jsp/challenges/2e0981dcb8278a57dcfaae3b8da0c78d5a70c2d38ea9d8b3e14db3aea01afcbb.jsp
index 2bb0208d5..d895ba500 100644
--- a/SecurityShepherdCore/src/jsp/challenges/2e0981dcb8278a57dcfaae3b8da0c78d5a70c2d38ea9d8b3e14db3aea01afcbb.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/2e0981dcb8278a57dcfaae3b8da0c78d5a70c2d38ea9d8b3e14db3aea01afcbb.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -65,10 +65,14 @@ String i18nLevelName = bundle.getString("title.csrfJson");
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
@@ -91,7 +95,7 @@ String i18nLevelName = bundle.getString("title.csrfJson");
 					<h2 class='title'><%= bundle.getString("result.challengeCompleted") %></h2>
 					<p>
 					<%= bundle.getString("result.congratsTheKeyIs") %> 
-					<b> <a><%=	encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName"))) %></a></b><br/><br/>
+					<b> <a><%=	Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName")) %></a></b><br/><br/>
 				<% } %>			
 				<form id="leForm" action="javascript:;">
 					<table>
diff --git a/SecurityShepherdCore/src/jsp/challenges/2fff41105149e507c75b5a54e558470469d7024929cf78d570cd16c03bee3569.jsp b/SecurityShepherdCore/src/jsp/challenges/2fff41105149e507c75b5a54e558470469d7024929cf78d570cd16c03bee3569.jsp
index 58e38960b..4673cb2a6 100644
--- a/SecurityShepherdCore/src/jsp/challenges/2fff41105149e507c75b5a54e558470469d7024929cf78d570cd16c03bee3569.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/2fff41105149e507c75b5a54e558470469d7024929cf78d570cd16c03bee3569.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -63,10 +63,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
@@ -89,7 +93,7 @@ if (request.getSession() != null)
 					<h2 class='title'><%= bundle.getString("result.challengeCompleted") %></h2>
 					<p>
 					<%= bundle.getString("result.congratsTheKeyIs") %> 
-					<b> <a><%=	encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName"))) %></a></b><br/><br/>
+					<b> <a><%=	Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName")) %></a></b><br/><br/>
 				<% } %>				
 				<form id="leForm" action="javascript:;">
 					<table>
diff --git a/SecurityShepherdCore/src/jsp/challenges/362f84cf26bf96aeae358d5d0bbee31e9291aaa5367594c29b3af542a7572c01.jsp b/SecurityShepherdCore/src/jsp/challenges/362f84cf26bf96aeae358d5d0bbee31e9291aaa5367594c29b3af542a7572c01.jsp
index a7025bd38..52c1f4112 100644
--- a/SecurityShepherdCore/src/jsp/challenges/362f84cf26bf96aeae358d5d0bbee31e9291aaa5367594c29b3af542a7572c01.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/362f84cf26bf96aeae358d5d0bbee31e9291aaa5367594c29b3af542a7572c01.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,16 @@
 String levelName = "Mobile Insecure Data Storage 1";
 //Alphanumeric Only
 String levelHash = "362f84cf26bf96aeae358d5d0bbee31e9291aaa5367594c29b3af542a7572c01";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.insecureData.insecureDataStrings", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge1.challengeName");
+String paragraph1 = bundle.getString("challenge1.para1");
+
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
 {
@@ -49,21 +58,22 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= levelName %></h2>
 			<p> 
 				<br/>
-				The App for this challenge stores user credentials within a database, the data has not been stored in plain text but it also has not been encrypted. Make the credentials readable to get the key. The key is the Admin's password.
-
+				<%= paragraph1 %>
 				<br/>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("InsecureData2.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " InsecureData1.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 				
 			</p>
 		</div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99.jsp b/SecurityShepherdCore/src/jsp/challenges/4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99.jsp
index 07891b05d..9f27d5514 100644
--- a/SecurityShepherdCore/src/jsp/challenges/4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/4a1bc73dd68f64107db3bbc7ee74e3f1336d350c4e1e51d4eda5b52dddf86c99.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -58,10 +58,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/517622a535ff89f7d90674862740b48f53aad7b41390fe46c6f324fee748d136.jsp b/SecurityShepherdCore/src/jsp/challenges/517622a535ff89f7d90674862740b48f53aad7b41390fe46c6f324fee748d136.jsp
index 58c66c1b5..32e7a5dd8 100644
--- a/SecurityShepherdCore/src/jsp/challenges/517622a535ff89f7d90674862740b48f53aad7b41390fe46c6f324fee748d136.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/517622a535ff89f7d90674862740b48f53aad7b41390fe46c6f324fee748d136.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage=""%>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,16 @@
 String levelName = "Mobile Unintended Data Leakage 1";
 //Alphanumeric Only
 String levelHash = "517622a535ff89f7d90674862740b48f53aad7b41390fe46c6f324fee748d136";
-//Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.unintendedDataLeakage.dataLeakage", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge1.challengeName");
+String paragraph1 = bundle.getString("challenge1.para1");
 
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -49,27 +58,22 @@ if (request.getSession() != null)
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%=levelName%></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"
-	media="screen" />
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%=LevelName%></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
-		<h2 class="title"><%=levelName%></h2>
+		<h2 class="title"><%=LevelName%></h2>
 		<p>
-			<%
-				/* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/
-			%>
-
-			<%=levelBlurb%>
-			<br /> Log in as the user of this App to get the key for this
-			challenge. <a>Some data</a> has been logged but it is up to the
-			attacker to know what to do with this data. <br /> <br />
-
-			<%=Analytics.getMobileLevelBlurb("UDataLeakage2.apk")%>
+			<%= paragraph1 %>
+			 <br /> <br />
+			<%=mobile.getString("mobileBlurb.vmLink.1") + " UDataLeakage1.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 		</p>
 	</div>
 	<%
diff --git a/SecurityShepherdCore/src/jsp/challenges/5bc811f9e744a71393a277c51bfd8fbb5469a60209b44fa3485c18794df4d5b1.jsp b/SecurityShepherdCore/src/jsp/challenges/5bc811f9e744a71393a277c51bfd8fbb5469a60209b44fa3485c18794df4d5b1.jsp
index f9e65963c..cb0c6b5b5 100644
--- a/SecurityShepherdCore/src/jsp/challenges/5bc811f9e744a71393a277c51bfd8fbb5469a60209b44fa3485c18794df4d5b1.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/5bc811f9e744a71393a277c51bfd8fbb5469a60209b44fa3485c18794df4d5b1.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage=""%>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,17 @@
 String levelName = "Mobile Reverse Engineering 2";
 //Alphanumeric Only
 String levelHash = "5bc811f9e744a71393a277c51bfd8fbb5469a60209b44fa3485c18794df4d5b1";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.reverseEngineer.reverseEngineer", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge2.challengeName");
+String paragraph1 = bundle.getString("challenge2.para1");
+
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
 {
@@ -48,27 +58,23 @@ if (request.getSession() != null)
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%=levelName%></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"
-	media="screen" />
-
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%=LevelName%></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
-		<h2 class="title"><%=levelName%></h2>
+		<h2 class="title"><%=LevelName%></h2>
 		<p>
-			<%=levelBlurb%>
-			<br /> When an attacker reverse engineers an APK, they usually find
-			multiple <a>packages</a> containing multiple <a>activities</a>, 
-			containing multiple <a>methods</a> which have all been obfuscated to
-			crawl through. The key for this challenge has been hard coded into the APK for this challenge. To get to
-			the key reverse engineer the APK and find the correct Activity which
-			performs a conditional statement to check the validity of the key. <br />
+			<%= paragraph1 %>
+			<br />
 			<br/>
-			<%= Analytics.getMobileLevelBlurb("ReverseEngineer3.apk") %>
+			<%= mobile.getString("mobileBlurb.vmLink.1") + " ReverseEngineer2.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 		</p>
 	</div>
 	<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
diff --git a/SecurityShepherdCore/src/jsp/challenges/70b96195472adf3bf347cbc37c34489287969d5ba504ac2439915184d6e5dc49.jsp b/SecurityShepherdCore/src/jsp/challenges/70b96195472adf3bf347cbc37c34489287969d5ba504ac2439915184d6e5dc49.jsp
index c175dad42..fc492178d 100644
--- a/SecurityShepherdCore/src/jsp/challenges/70b96195472adf3bf347cbc37c34489287969d5ba504ac2439915184d6e5dc49.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/70b96195472adf3bf347cbc37c34489287969d5ba504ac2439915184d6e5dc49.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 	// Cross Site Request Forgery Challenge 5
@@ -65,10 +65,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
@@ -91,7 +95,7 @@ if (request.getSession() != null)
 					<h2 class='title'><%= bundle.getString("result.challengeCompleted") %></h2>
 					<p>
 					<%= bundle.getString("result.congratsTheKeyIs") %> 
-					<b> <a><%=	encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName"))) %></a></b><br/><br/>
+					<b> <a><%=	Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName")) %></a></b><br/><br/>
 				<% } %>			
 				<form id="leForm" action="javascript:;">
 					<table>
diff --git a/SecurityShepherdCore/src/jsp/challenges/714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334.jsp b/SecurityShepherdCore/src/jsp/challenges/714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334.jsp
index 5e7964f4a..0081c5000 100644
--- a/SecurityShepherdCore/src/jsp/challenges/714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/714d8601c303bbef8b5cabab60b1060ac41f0d96f53b6ea54705bb1ea4316334.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle" %>
 <%
 /**
@@ -55,10 +55,14 @@ String i18nLevelName = bundle.getString("challenge.challengeName");
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1.jsp b/SecurityShepherdCore/src/jsp/challenges/7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1.jsp
index 4fda6de4c..5f5377485 100644
--- a/SecurityShepherdCore/src/jsp/challenges/7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/7aed58f3a00087d56c844ed9474c671f8999680556c127a19ee79fa5d7a132e1.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle" %>
 <%
 // Broken Authentication and Session Management Challenge Five
@@ -56,10 +56,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3.jsp b/SecurityShepherdCore/src/jsp/challenges/7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3.jsp
index be03ab9b1..ccdf1ab59 100644
--- a/SecurityShepherdCore/src/jsp/challenges/7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 	// Cross Site Request Forgery Challenge 7
@@ -71,10 +71,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
@@ -98,7 +102,7 @@ if (request.getSession() != null)
 					<h2 class='title'><%= bundle.getString("result.challengeCompleted") %></h2>
 					<p>
 					<%= bundle.getString("result.congratsTheKeyIs") %> 
-					<b> <a><%=	encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName"))) %></a></b><br/><br/>
+					<b> <a><%=	Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName")) %></a></b><br/><br/>
 				<% } %>			
 				<form id="leForm" action="javascript:;">
 					<table>
diff --git a/SecurityShepherdCore/src/jsp/challenges/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.jsp b/SecurityShepherdCore/src/jsp/challenges/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.jsp
index dd36377b4..440a59bba 100644
--- a/SecurityShepherdCore/src/jsp/challenges/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7.jsp
@@ -1,8 +1,8 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
- * SQL Injection Challenge One
+ * SQL Injection Challenge Stored Proc
  * <br/><br/>
  * This file is part of the Security Shepherd Project.
  * 
@@ -27,7 +27,7 @@
  
  //Translation Stuff
  Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
  //Used more than once translations
  String translatedLevelName = bundle.getString("challenge.challengeName");
  ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
@@ -54,10 +54,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
@@ -75,10 +79,10 @@
 				<form id="leForm" action="javascript:;">
 					<table>
 					<tr><td>
-						<%= bundle.getString("challenge.form.pleaseEnter") %><a><%= bundle.getString("challenge.form.customerEmail") %></a><%= bundle.getString("challenge.form.userLookUp") %>
+						<%= bundle.getString("challenge.form.pleaseEnter") %><a><%= bundle.getString("challenge.form.customerName") %></a> <%= bundle.getString("challenge.form.userLookUp") %>
 					</td></tr>
 					<tr><td>
-						<input style="width: 400px;" id="userIdentity" type="text"/>
+						<input style="width: 400px;" id="userIdentity" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<div id="submitButton"><input type="submit" value="<%= bundle.getString("challenge.form.getUser") %>"/></div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/83dee43e50f65876d9c24a9355200f7c10569dc94e51349f7b857fb68b4e6bdf.jsp b/SecurityShepherdCore/src/jsp/challenges/83dee43e50f65876d9c24a9355200f7c10569dc94e51349f7b857fb68b4e6bdf.jsp
index d8b38048d..5dacf1846 100644
--- a/SecurityShepherdCore/src/jsp/challenges/83dee43e50f65876d9c24a9355200f7c10569dc94e51349f7b857fb68b4e6bdf.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/83dee43e50f65876d9c24a9355200f7c10569dc94e51349f7b857fb68b4e6bdf.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage=""%>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,12 @@
 String levelName = "Mobile Unintended Data Leakage 1";
 //Alphanumeric Only
 String levelHash = "83dee43e50f65876d9c24a9355200f7c10569dc94e51349f7b857fb68b4e6bdf";
-//Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.mobile.unintendedDataLeakage.dataLeakage" + levelHash, locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+//Used more than once translations
+String translatedLevelName = bundle.getString("challenge1.challengeName");
 
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -49,27 +54,23 @@ if (request.getSession() != null)
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%=levelName%></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"
-	media="screen" />
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%=translatedLevelName%></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
-		<h2 class="title"><%=levelName%></h2>
+		<h2 class="title"><%=translatedLevelName%></h2>
 		<p>
-			<%
-				/* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/
-			%>
-
-			<%=levelBlurb%>
-			<br /> Log in as the user of this App to get the key for this
-			challenge. <a>Some data</a> has been logged but it is up to the
-			attacker to know what to do with this data. <br /> <br />
-
-			<%=Analytics.getMobileLevelBlurb("UDataLeakage2.apk")%>
+			<%= bundle.getString("challenge1.para1") %>
+			<br />
+			<br />
+			<%= mobile.getString("mobileBlurb.vmLink.1") + " UDataLeakage2.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 		</p>
 	</div>
 	<%
diff --git a/SecurityShepherdCore/src/jsp/challenges/84118752e6cd78fecc3563ba2873d944aacb7b72f28693a23f9949ac310648b5.jsp b/SecurityShepherdCore/src/jsp/challenges/84118752e6cd78fecc3563ba2873d944aacb7b72f28693a23f9949ac310648b5.jsp
index 91ad9a07c..fc7bf65ab 100644
--- a/SecurityShepherdCore/src/jsp/challenges/84118752e6cd78fecc3563ba2873d944aacb7b72f28693a23f9949ac310648b5.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/84118752e6cd78fecc3563ba2873d944aacb7b72f28693a23f9949ac310648b5.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 	// Cross Site Request Forgery Challenge 4
@@ -69,10 +69,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
@@ -95,7 +99,7 @@ if (request.getSession() != null)
 					<h2 class='title'><%= bundle.getString("result.challengeCompleted") %></h2>
 					<p>
 					<%= bundle.getString("result.congratsTheKeyIs") %> 
-					<b> <a><%= encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName"))) %></a></b><br/><br/>
+					<b> <a><%= Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName")) %></a></b><br/><br/>
 				<% } %>			
 				<form id="leForm" action="javascript:;">
 					<table>
diff --git a/SecurityShepherdCore/src/jsp/challenges/85ceae7ec397c8f4448be51c33a634194bf5da440282227c15954bbdfb54f0c7.jsp b/SecurityShepherdCore/src/jsp/challenges/85ceae7ec397c8f4448be51c33a634194bf5da440282227c15954bbdfb54f0c7.jsp
index 649269245..081df9d54 100644
--- a/SecurityShepherdCore/src/jsp/challenges/85ceae7ec397c8f4448be51c33a634194bf5da440282227c15954bbdfb54f0c7.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/85ceae7ec397c8f4448be51c33a634194bf5da440282227c15954bbdfb54f0c7.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,17 @@
 String levelName = "Mobile Unintended Data Leakage 2";
 //Alphanumeric Only
 String levelHash = "85ceae7ec397c8f4448be51c33a634194bf5da440282227c15954bbdfb54f0c7";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.unintendedDataLeakage.dataLeakage", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge2.challengeName");
+String paragraph1 = bundle.getString("challenge2.para1");
+
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
 {
@@ -51,20 +61,19 @@ if (request.getSession() != null)
 	<title>Security Shepherd - <%= levelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= LevelName %></h2>
 			<p> 
-				<% /* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/ %>
-				
-				<%= levelBlurb %>
+				<%= paragraph1 %>
 				<br/>
-This App is leaking logs. The Key is the winning lotto number! <br/>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("UDataLeakage3.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " UDataLeakage3.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 				
 			</p>
 		</div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/8855c8bb9df4446a546414562eda550520e29f7a82400a317c579eb3a5a0a8ef.jsp b/SecurityShepherdCore/src/jsp/challenges/8855c8bb9df4446a546414562eda550520e29f7a82400a317c579eb3a5a0a8ef.jsp
index 1f4c7c9e7..9157e5c1d 100644
--- a/SecurityShepherdCore/src/jsp/challenges/8855c8bb9df4446a546414562eda550520e29f7a82400a317c579eb3a5a0a8ef.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/8855c8bb9df4446a546414562eda550520e29f7a82400a317c579eb3a5a0a8ef.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,17 @@
 String levelName = "Mobile Client Side Injection 1";
 //Alphanumeric Only
 String levelHash = "8855c8bb9df4446a546414562eda550520e29f7a82400a317c579eb3a5a0a8ef";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.clientSideInjection.clientSideInjection", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge1.challengeName");
+String paragraph1 = bundle.getString("challenge1.para1");
+
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
 {
@@ -49,24 +59,22 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
-			<p> 
-				<% /* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/ %>
-				
-				<%= levelBlurb %>
-				<br/>
+			<h2 class="title"><%= LevelName %></h2>
+			<p> 
+				<%= paragraph1 %>
 				
-				The App for this challenge uses sloppy filters in an attempt to thwart attackers. These filters can be easily bypassed. Login to get the key. 
 				<br/>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("CSInjection2.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " CSInjection1.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 				
 			</p>
 		</div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.jsp b/SecurityShepherdCore/src/jsp/challenges/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.jsp
index af29fcc9a..899b86058 100644
--- a/SecurityShepherdCore/src/jsp/challenges/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/8c2dd7e9818e5c6a9f8562feefa002dc0e455f0e92c8a46ab0cf519b1547eced.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -27,7 +27,7 @@
  
  //Translation Stuff
  Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
  //Used more than once translations
  String i18nLevelName = bundle.getString("challenge.challengeName");
  
@@ -57,10 +57,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.jsp b/SecurityShepherdCore/src/jsp/challenges/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.jsp
index 035b54a4a..4ee60fafc 100644
--- a/SecurityShepherdCore/src/jsp/challenges/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -26,7 +26,7 @@
  String levelHash = "8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4";
  //Translation Stuff
  Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
- ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
  //Used more than once translations
  String i18nLevelName = bundle.getString("challenge.challengeName");
  ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
@@ -58,7 +58,10 @@
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
@@ -79,7 +82,7 @@
 						<%= bundle.getString("challenge.form.pleaseEnter") %>
 					</td></tr>
 					<tr><td>
-						<input style="width: 400px;" id="aUserId" type="text"/>
+						<input style="width: 400px;" id="aUserId" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<div id="submitButton"><input type="submit" value="<%= bundle.getString("challenge.form.button.value") %>"/></div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.jsp b/SecurityShepherdCore/src/jsp/challenges/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.jsp
index e19c6d610..142e139ef 100644
--- a/SecurityShepherdCore/src/jsp/challenges/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -24,12 +24,10 @@
 String levelName = "SQL Injection Challenge 5";
 //Alphanumeric Only
 String levelHash = "8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62";
-//Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "Not used - See Below";
 
 //Translation Stuff
 Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
 //Used more than once translations
 String i18nLevelName = bundle.getString("challenge.challengeName");
 
@@ -57,11 +55,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e.jsp b/SecurityShepherdCore/src/jsp/challenges/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e.jsp
index 8f5d6fe59..16ac8d3eb 100644
--- a/SecurityShepherdCore/src/jsp/challenges/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/ad2628bcc79bf10dd54ee62de148ab44b7bd028009a908ce3f1b4d019886d0e.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 // Cross Site Scripting Challenge 3
@@ -56,10 +56,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece.jsp b/SecurityShepherdCore/src/jsp/challenges/b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece.jsp
index 740768d16..296f32892 100644
--- a/SecurityShepherdCore/src/jsp/challenges/b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/b5e1020e3742cf2c0880d4098146c4dde25ebd8ceab51807bad88ff47c316ece.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle" %>
 <%
 // Broken Authentication and Session Management Challenge Six
@@ -57,10 +57,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.jsp b/SecurityShepherdCore/src/jsp/challenges/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.jsp
index f1acae99e..a5150afd4 100644
--- a/SecurityShepherdCore/src/jsp/challenges/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 // SQL Injection Challenge Three
@@ -28,7 +28,7 @@ String levelHash = "b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab89249
 
 //Translation Stuff
 Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
 //Used more than once translations
 String i18nLevelName = bundle.getString("challenge.challengeName");
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
@@ -56,12 +56,15 @@ if (request.getSession() != null)
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= i18nLevelName %>
-	</title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title">
 			<%= i18nLevelName %>
@@ -75,7 +78,7 @@ if (request.getSession() != null)
 						<%= bundle.getString("challenge.form.pleaseEnter") %>
 					</td></tr>
 					<tr><td>
-						<input style="width: 400px;" id="theUserName" type="text"/>
+						<input style="width: 400px;" id="theUserName" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<div id="submitButton"><input type="submit" value="<%= bundle.getString("challenge.form.button.value") %>"/></div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/b927fc4d8c9f70a78f8b6fc46a0cc18533a88b2363054a1f391fe855954d12f9.jsp b/SecurityShepherdCore/src/jsp/challenges/b927fc4d8c9f70a78f8b6fc46a0cc18533a88b2363054a1f391fe855954d12f9.jsp
index 98add21b5..c553dcda0 100644
--- a/SecurityShepherdCore/src/jsp/challenges/b927fc4d8c9f70a78f8b6fc46a0cc18533a88b2363054a1f391fe855954d12f9.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/b927fc4d8c9f70a78f8b6fc46a0cc18533a88b2363054a1f391fe855954d12f9.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,13 @@
 String levelName = "Insecure Crypto Storage Challenge 4";
 //Alphanumeric Only
 String levelHash = "b927fc4d8c9f70a78f8b6fc46a0cc18533a88b2363054a1f391fe855954d12f9";
-//Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "Not used - See Below";
+
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.insecureCryptoStorage.insecureCryptoStorage", locale);
+//Used more than once translations
+String i18nLevelName = bundle.getString("insecureCryptoStorage.4.challengename");
 
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -49,30 +55,32 @@ if (request.getSession() != null)
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
-				If you can buy trolls for free you'll receive the key for this level!
+				<%= bundle.getString("insecureCyrptoStorage.4.whatToDo") %>
 				<br/>
 				<br/>
-				<h3>Super Meme Shopping</h3>
-				Hey customers: Due to a shipping mistake we are completely over stocked in rage Memes. 
-				Use the coupon code <a>PleaseTakeARage</a> or <a>RageMemeForFree</a> to get yours for free!!!.
+				<h3 class="title"><%= bundle.getString("insecureCyrptoStorage.4.shop") %></h3>
+				<p><%= bundle.getString("insecureCyrptoStorage.4.shop.message.1") %> <a>PleaseTakeARage</a> <%= bundle.getString("insecureCyrptoStorage.4.shop.message.2") %> <a>RageMemeForFree</a> <%= bundle.getString("insecureCyrptoStorage.4.shop.message.3") %></p>
 				<br />
 				<br />
 				<form id="leForm" action="javascript:;">
 					<table>
 					<!-- Header -->
 					<tr>
-						<th>Picture</th>
-						<th>Cost</th>
-						<th>Quantity</th>
+						<th><%= bundle.getString("insecureCyrptoStorage.4.shop.picture") %></th>
+						<th><%= bundle.getString("insecureCyrptoStorage.4.shop.cost") %></th>
+						<th><%= bundle.getString("insecureCyrptoStorage.4.shop.quantity") %></th>
 					</tr>
 					<!-- Rage Row -->
 					<tr>
@@ -99,13 +107,13 @@ if (request.getSession() != null)
 						<td><input type="text" style="width: 20px" value="0" id="numberOfMegusta" autocomplete="off"/>
 					</tr>
 					</table>
-					Please select how many things you would like to buy and click submit
+					<p><%= bundle.getString("insecureCyrptoStorage.4.shop.howToShop") %></p>
 					<table>
-					<tr><td>Coupon Code:</td><td><input type="text" id="couponCode" autocomplete="off"/></td></tr>
+					<tr><td><%= bundle.getString("insecureCyrptoStorage.4.shop.couponCode") %></td><td><input type="text" id="couponCode" autocomplete="off"/></td></tr>
 					<tr><td colspons = 2>			
 						<div id="submitButton">
-						<input type="submit" value="Place Order"/></div>
-						<p style="display: none;" id="loadingSign">Loading...</p>
+						<input type="submit" value="<%= bundle.getString("insecureCyrptoStorage.4.shop.submit") %>"/></div>
+						<p style="display: none;" id="loadingSign"><%= bundle.getString("insecureCyrptoStorage.loading") %></p>
 					</td></tr>
 					</table>
 				</form>
@@ -141,7 +149,7 @@ if (request.getSession() != null)
 					}
 					else
 					{
-						$("#resultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+						$("#resultsDiv").html("<p> <%= bundle.getString("insecureCyrptoStorage.errorOccurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
 					}
 					$("#resultsDiv").show("slow", function(){
 						$("#loadingSign").hide("fast", function(){
diff --git a/SecurityShepherdCore/src/jsp/challenges/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.jsp b/SecurityShepherdCore/src/jsp/challenges/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.jsp
index 1daf92734..6b72bda22 100644
--- a/SecurityShepherdCore/src/jsp/challenges/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4.jsp
@@ -1,5 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="servlets.module.challenge.SecurityMisconfigStealTokens, java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
-
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="servlets.module.challenge.SecurityMisconfigStealTokens, java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle" %>
 <%
 /**
  * Security Misconfiguration Cookie Challenge
@@ -23,6 +23,13 @@
  */
  String levelName = new String("Security Misconfiguration Cookie Flag Challenge");
  String levelHash = new String("c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4");
+ 
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.securityMisconfig." + levelHash, locale);
+//Used more than once translations
+String i18nLevelName = bundle.getString("securityMisconfig.stealTokens.challengeName");
+ 
  ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
  if (request.getSession() != null)
  {
@@ -72,31 +79,33 @@
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
-				To complete this challenge, you must steal the <a>securityMisconfigLesson</a> cookie of another user. The administrators of the sub application have misconfigured the mechanism which enforces cookie security flags. The cookie set in this lesson has not been given the "secure" flag. This means that in any HTTP requests to the lesson will include this cookie. 
-				Even though the application (If Shepherd has been correctly configured) redirects to a HTTPs service upon access, the will have been sent across the network in plain text. When players open this lesson, they automatically send a HTTP request thanks to the following &lt;IMG&gt; element. 
-				Image elements do not follow the mixed content policy and will send HTTP requests even when loaded inside a HTTPs context. This will not work with an iFrame.
+				<%= bundle.getString("securityMisconfig.stealTokens.description") %>
 				<br/>
 				<br/>
-				<img alt="This Image has sent your securityMisconfigLesson across the network in plain text" title="This Image has sent your securityMisconfigLesson across the network in plain text" src="<%= encoder.encodeForHTMLAttribute(challengeUrl) %>">
+				<img height="25px" width="25px" style="display: block;" alt="<%= bundle.getString("securityMisconfig.stealTokens.whyThisImageIsHere") %>" title="<%= bundle.getString("securityMisconfig.stealTokens.whyThisImageIsHere") %>" src="<%= encoder.encodeForHTMLAttribute(challengeUrl) %>">
 				<br/>
 				<br/>
-				If there are no users on your local network, this lesson is <B>very difficult</B> to complete. Please ask your Shepherd Administrator to disable it.
+				<%= bundle.getString("securityMisconfig.stealTokens.haveSomebodyOnYourNetwork") %>
 				<br/>
 				<br/>
-				Once you have stolen another user's <a>securityMisconfigLesson</a> token, click the following button and sub in the other user's token where your own exists.
+				<%= bundle.getString("securityMisconfig.stealTokens.stealTokenThenDoThis") %>
 				<form id="leForm" action="javascript:;">
 					<table>
 					<tr><td>
-						<div id="submitButton"><input type="submit" value="Get Result Key"/></div>
-						<p style="display: none;" id="loadingSign">Loading...</p>
+						<div id="submitButton"><input type="submit" value="<%= bundle.getString("form.securityMisconfig.stealTokens.submit") %>"/></div>
+						<p style="display: none;" id="loadingSign"><%= bundle.getString("form.challenge.loading") %></p>
 					</td></tr>
 					</table>
 				</form>
@@ -123,7 +132,7 @@
 					}
 					else
 					{
-						$("#resultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+						$("#resultsDiv").html("<p> <%= bundle.getString("error.occurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
 					}
 					$("#resultsDiv").show("slow", function(){
 						$("#loadingSign").hide("fast", function(){
diff --git a/SecurityShepherdCore/src/jsp/challenges/ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e.jsp b/SecurityShepherdCore/src/jsp/challenges/ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e.jsp
index 427524bfc..cfd70b7c9 100644
--- a/SecurityShepherdCore/src/jsp/challenges/ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,12 @@
 String levelName = "Poor Validation 1";
 //Alphanumeric Only
 String levelHash = "ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e";
-//Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "Not used - See Below";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.poorValidation.poorValidationStrings", locale);
+//Used more than once translations
+String i18nLevelName = bundle.getString("poorValidation.1.challengeName");
 
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -49,29 +54,32 @@ if (request.getSession() != null)
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
-				If you can buy trolls for free you'll receive the key for this level!
+				<%= bundle.getString("poorValidation.whatToDo") %>
 				<br/>
 				<br/>
-				<h3>Super Meme Shopping</h3>
-				Use this shop to buy whatever old memes you like!
+				<h3 class="title"><%= bundle.getString("poorValidation.shopping") %></h3>
+				<p><%= bundle.getString("poorValidation.shopping.whatToDo") %></p>
 				<br />
 				<br />
 				<form id="leForm" action="javascript:;">
 					<table>
 					<!-- Header -->
 					<tr>
-						<th>Picture</th>
-						<th>Cost</th>
-						<th>Quantity</th>
+						<th><%= bundle.getString("poorValidation.picture") %></th>
+						<th><%= bundle.getString("poorValidation.cost") %></th>
+						<th><%= bundle.getString("poorValidation.quantity") %></th>
 					</tr>
 					<!-- Rage Row -->
 					<tr>
@@ -98,12 +106,12 @@ if (request.getSession() != null)
 						<td><input type="text" style="width: 20px" value="0" id="numberOfMegusta" autocomplete="off"/>
 					</tr>
 					</table>
-					Please select how many items you would like to buy and click submit
+					<%= bundle.getString("poorValidation.howToShop") %>
 					<table>
 					<tr><td>			
 						<div id="submitButton">
-						<input type="submit" value="Place Order"/></div>
-						<p style="display: none;" id="loadingSign">Loading...</p>
+						<input type="submit" value="<%= bundle.getString("poorValidation.placeOrder") %>"/></div>
+						<p style="display: none;" id="loadingSign"><%= bundle.getString("poorValidation.loading") %></p>
 					</td></tr>
 					</table>
 				</form>
@@ -137,7 +145,7 @@ if (request.getSession() != null)
 					}
 					else
 					{
-						$("#resultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+						$("#resultsDiv").html("<p> <%= bundle.getString("error.occurred") %>: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
 					}
 					$("#resultsDiv").show("slow", function(){
 						$("#loadingSign").hide("fast", function(){
diff --git a/SecurityShepherdCore/src/jsp/challenges/cfe68711def42bb0b201467b859322dd2750f633246842280dc68c858d208425.jsp b/SecurityShepherdCore/src/jsp/challenges/cfe68711def42bb0b201467b859322dd2750f633246842280dc68c858d208425.jsp
index 0be1ee9f5..854f5400c 100644
--- a/SecurityShepherdCore/src/jsp/challenges/cfe68711def42bb0b201467b859322dd2750f633246842280dc68c858d208425.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/cfe68711def42bb0b201467b859322dd2750f633246842280dc68c858d208425.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,16 @@
 String levelName = "Mobile Client Side Injection 2";
 //Alphanumeric Only
 String levelHash = "cfe68711def42bb0b201467b859322dd2750f633246842280dc68c858d208425";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.clientSideInjection.clientSideInjection", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge2.challengeName");
+String paragraph1 = bundle.getString("challenge2.para1");
+
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
 {
@@ -49,24 +58,21 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= LevelName %></h2>
 			<p> 
-				<% /* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/ %>
-				
-				<%= levelBlurb %>
-				<br/>
-				This App has an upgraded form of filtering. Bypass the filtering, and perform SQL Injection to sign in as a legitimate user. 
-				
+				<%= paragraph1 %>				
 				<br/>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("CSInjection3.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " CSInjection2.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 				
 				<% /* IF you need a form - Present it like this */ %>
 				<%
diff --git a/SecurityShepherdCore/src/jsp/challenges/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.jsp b/SecurityShepherdCore/src/jsp/challenges/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.jsp
index deb42d43a..1ecd02c63 100644
--- a/SecurityShepherdCore/src/jsp/challenges/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -33,7 +33,7 @@ String levelBlurb = "Download the file and play with it to extract the key for t
 
 //Translation Stuff
 Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
 //Used more than once translations
 String i18nLevelName = bundle.getString("challenge.challengeName");
 
@@ -62,10 +62,13 @@ if (request.getSession() != null)
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
-
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/d2f8519f8264f9479f56165465590b499ceca941ab848805c00f5bf0a40c9717.jsp b/SecurityShepherdCore/src/jsp/challenges/d2f8519f8264f9479f56165465590b499ceca941ab848805c00f5bf0a40c9717.jsp
index ede9c0d78..ec9b8dfdd 100644
--- a/SecurityShepherdCore/src/jsp/challenges/d2f8519f8264f9479f56165465590b499ceca941ab848805c00f5bf0a40c9717.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/d2f8519f8264f9479f56165465590b499ceca941ab848805c00f5bf0a40c9717.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,18 @@
 String levelName = "Mobile Broken Crypto 1";
 //Alphanumeric Only
 String levelHash = "d2f8519f8264f9479f56165465590b499ceca941ab848805c00f5bf0a40c9717";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.brokenCrypto.brokenCrypto", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge1.challengeName");
+String paragraph1 = bundle.getString("challenge1.para1");
+
+
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
 {
@@ -48,24 +59,22 @@ if (request.getSession() != null)
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= LevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
-			<p> 
-				<% /* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/ %>
-				
-				<%= levelBlurb %>
-				<br/>
-				This App uses a deprecated encryption algorithm (DES) and breaks a vital rule of key management. The key is in the conversation. Decrypt the chat to get the key.  			
+			<h2 class="title"><%= LevelName %></h2>
+			<p> 				
+				<%= paragraph1 %>
 				<br/>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("BrokenCrypto2.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " BrokenCrypto1.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 				
 			</p>
 		</div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf.jsp b/SecurityShepherdCore/src/jsp/challenges/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf.jsp
index 86e5a571d..85d6b2025 100644
--- a/SecurityShepherdCore/src/jsp/challenges/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/d330dea1acf21886b685184ee222ea8e0a60589c3940afd6ebf433469e997caf.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -57,10 +57,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= encoder.encodeForHTML(translatedLevelName) %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= encoder.encodeForHTML(translatedLevelName) %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.jsp b/SecurityShepherdCore/src/jsp/challenges/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.jsp
index 8690b752c..caf9c0a87 100644
--- a/SecurityShepherdCore/src/jsp/challenges/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66.jsp
@@ -27,7 +27,7 @@ String levelHash = "d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5ba
  */
 
 Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
 
 String i18nLevelName = bundle.getString("challenge.challengeName");
 String levelBlurb = bundle.getString("challenge.description");
@@ -58,9 +58,13 @@ if (request.getSession() != null)
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 				
diff --git a/SecurityShepherdCore/src/jsp/challenges/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa.jsp b/SecurityShepherdCore/src/jsp/challenges/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa.jsp
index 39c81a044..749075885 100644
--- a/SecurityShepherdCore/src/jsp/challenges/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/d72ca2694422af2e6b3c5d90e4c11e7b4575a7bc12ee6d0a384ac2469449e8fa.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -58,10 +58,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
@@ -72,7 +76,7 @@
 						<%= bundle.getString("challenge.form.instruction") %>
 					</td></tr>
 					<tr><td>
-						<input style="width: 400px;" id="searchTerm" type="text"/>
+						<input style="width: 400px;" id="searchTerm" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<div id="submitButton"><input type="submit" value="<%= bundle.getString("challenge.form.getUser") %>"/></div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/d779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7.jsp b/SecurityShepherdCore/src/jsp/challenges/d779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7.jsp
index 30fbda0e8..a0dcc4ae2 100644
--- a/SecurityShepherdCore/src/jsp/challenges/d779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/d779e34a54172cbc245300d3bc22937090ebd3769466a501a5e7ac605b9f34b7.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle" %>
 <%
 // Broken Authentication and Session Management Challenge Two
@@ -57,10 +57,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
@@ -72,12 +76,12 @@ if (request.getSession() != null)
 							<tr><td>
 								<%= bundle.getString("challenge.form.userName") %>
 							</td><td>
-								<input type="text" id="subName"/>
+								<input type="text" id="subName" autocomplete="off"/>
 							</td></tr>
 							<tr><td>
 								<%= bundle.getString("challenge.form.password") %>
 							</td><td>
-								<input type="password" id="subPassword"/>
+								<input type="password" id="subPassword" autocomplete="off"/>
 							</td></tr>
 							<tr><td colspan="2">
 								<div id="submitButton"><input type="submit" value="<%= bundle.getString("challenge.form.signIn") %>"/></div>
@@ -94,7 +98,7 @@ if (request.getSession() != null)
 						<p><%= bundle.getString("reset.whatToDo") %></p>
 						<table>
 							<tr></td>
-								<div id="resetSubmit"><input id="resetEmail" type="text"/><input type="submit" value="<%= bundle.getString("reset.header") %>"/></div>
+								<div id="resetSubmit"><input id="resetEmail" type="text" autocomplete="off"/><input type="submit" value="<%= bundle.getString("reset.header") %>"/></div>
 								<p style="display: none;" id="resetLoadingSign"><%= bundle.getString("challenge.form.loading") %></p>
 							</td></tr>
 						</table>
diff --git a/SecurityShepherdCore/src/jsp/challenges/dbae0baa3f71f196c4d2c6c984d45a6c1c635bf1b482dccfe32e9b01b69a042b.jsp b/SecurityShepherdCore/src/jsp/challenges/dbae0baa3f71f196c4d2c6c984d45a6c1c635bf1b482dccfe32e9b01b69a042b.jsp
index aa04a8362..3c2ec8bd5 100644
--- a/SecurityShepherdCore/src/jsp/challenges/dbae0baa3f71f196c4d2c6c984d45a6c1c635bf1b482dccfe32e9b01b69a042b.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/dbae0baa3f71f196c4d2c6c984d45a6c1c635bf1b482dccfe32e9b01b69a042b.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage=""%>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,6 +24,16 @@
 String levelName = "Mobile Reverse Engineering 3";
 //Alphanumeric Only
 String levelHash = "dbae0baa3f71f196c4d2c6c984d45a6c1c635bf1b482dccfe32e9b01b69a042b.jsp";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.reverseEngineer.reverseEngineer", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge3.challengeName");
+String paragraph1 = bundle.getString("challenge3.para1");
+
 //Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
 String levelBlurb = "";
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
@@ -47,24 +58,25 @@ if (request.getSession() != null)
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%=levelName%></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"
-	media="screen" />
-
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%=LevelName%></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
-		<h2 class="title"><%=levelName%></h2>
+		<h2 class="title"><%=LevelName%></h2>
 		<p>
 
 			<%=levelBlurb%>
-			<br /> The developers of this App, <a>ReverseEngineer4</a>, have decided to use an algorithm to confirm or deny the authenticity of the key. You must Reverse Engineer ReverseEngineer3.APK to find this algorithm. If you are unsure whether or not the key is correct, there is a key validity checker in the App. <br />
+			<br /> <%= paragraph1 %><br />
 			<br>
 			<br/>
-			<%= Analytics.getMobileLevelBlurb("ReverseEngineer4.apk") %>
+			<%= mobile.getString("mobileBlurb.vmLink.1") + " ReverseEngineer3.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 		</p>
 	</div>
 	<% if (Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
diff --git a/SecurityShepherdCore/src/jsp/challenges/dfa404130278f44b05dc06486dd06134dac7d843367763a3226c9081f537fb2f.jsp b/SecurityShepherdCore/src/jsp/challenges/dfa404130278f44b05dc06486dd06134dac7d843367763a3226c9081f537fb2f.jsp
index 6c024c8b4..170ddce46 100644
--- a/SecurityShepherdCore/src/jsp/challenges/dfa404130278f44b05dc06486dd06134dac7d843367763a3226c9081f537fb2f.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/dfa404130278f44b05dc06486dd06134dac7d843367763a3226c9081f537fb2f.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 
 <%
 /**
@@ -49,10 +49,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - Insecure Direct Object References Challenge One</title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title">Insecure Direct Object Reference Challenge One</h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a.jsp b/SecurityShepherdCore/src/jsp/challenges/dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a.jsp
index bbfd8b401..e4efd8e73 100644
--- a/SecurityShepherdCore/src/jsp/challenges/dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -54,10 +54,14 @@ String translatedLevelName = bundle.getString("challenge.challengeName");
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.jsp b/SecurityShepherdCore/src/jsp/challenges/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.jsp
index abee30e0a..4f10ff68e 100644
--- a/SecurityShepherdCore/src/jsp/challenges/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -27,7 +27,7 @@ String levelHash = "e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc841851371
 
 //Translation Stuff
 Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
 //Used more than once translations
 String i18nLevelName = bundle.getString("challenge.challengeName");
 
@@ -57,10 +57,14 @@ String i18nLevelName = bundle.getString("challenge.challengeName");
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
@@ -81,7 +85,7 @@ String i18nLevelName = bundle.getString("challenge.challengeName");
 						<%= bundle.getString("challenge.form.pleaseEnter") %>
 					</td></tr>
 					<tr><td>
-						<input style="width: 400px;" id="aUserId" type="text"/>
+						<input style="width: 400px;" id="aUserId" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<div id="submitButton"><input type="submit" value="<%= bundle.getString("challenge.form.button.value") %>"/></div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4.jsp b/SecurityShepherdCore/src/jsp/challenges/e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4.jsp
index 27c2d51ca..8fa48d39f 100644
--- a/SecurityShepherdCore/src/jsp/challenges/e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/e40333fc2c40b8e0169e433366350f55c77b82878329570efa894838980de5b4.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -55,10 +55,14 @@ String translatedLevelName = bundle.getString("challenge.challengeName");
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/ec09515a304d2de1f552e961ab769967bdc75740ad2363803168b7907c794cd4.jsp b/SecurityShepherdCore/src/jsp/challenges/ec09515a304d2de1f552e961ab769967bdc75740ad2363803168b7907c794cd4.jsp
index 39119016d..f6a6249f1 100644
--- a/SecurityShepherdCore/src/jsp/challenges/ec09515a304d2de1f552e961ab769967bdc75740ad2363803168b7907c794cd4.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/ec09515a304d2de1f552e961ab769967bdc75740ad2363803168b7907c794cd4.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,15 @@
 String levelName = "Mobile Insecure Data Storage 2";
 //Alphanumeric Only
 String levelHash = "ec09515a304d2de1f552e961ab769967bdc75740ad2363803168b7907c794cd4";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.insecureData.insecureDataStrings", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge2.challengeName");
+String paragraph1 = bundle.getString("challenge2.para1");
 
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -50,22 +58,23 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= levelName %></h2>
 			<p> 
 				<br/>
-				The App for this challenge, <a>InsecureData3</a> uses a hashing algorithm on stored user credentials. However, there are two issues here, firstly the user is using a <a>bad password</a>. Secondly, the App does <a>not use a salt</a> when hashing the data. The result key to this challenge is the user's password.
-
+				<%= paragraph1 %>
 				<br/>
 				<br/>
 				
-				<%= Analytics.getMobileLevelBlurb("InsecureData3.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " InsecureData2.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 				
 			</p>
 		</div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6.jsp b/SecurityShepherdCore/src/jsp/challenges/ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6.jsp
index e57adf472..2ff94dfc1 100644
--- a/SecurityShepherdCore/src/jsp/challenges/ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle" %>
 <%
 /**
@@ -55,10 +55,14 @@ if (request.getSession() != null)
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/efa08298fc6a4add4b9a4bbdbbbb18ac934667971fa275bd7d234589bd8a8467.jsp b/SecurityShepherdCore/src/jsp/challenges/efa08298fc6a4add4b9a4bbdbbbb18ac934667971fa275bd7d234589bd8a8467.jsp
index 77b047a53..34900d481 100644
--- a/SecurityShepherdCore/src/jsp/challenges/efa08298fc6a4add4b9a4bbdbbbb18ac934667971fa275bd7d234589bd8a8467.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/efa08298fc6a4add4b9a4bbdbbbb18ac934667971fa275bd7d234589bd8a8467.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,15 @@
 String levelName = "Mobile Poor Authentication 1";
 //Alphanumeric Only
 String levelHash = "efa08298fc6a4add4b9a4bbdbbbb18ac934667971fa275bd7d234589bd8a8467";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.insecureData.insecureDataStrings", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge1.challengeName");
+String paragraph1 = bundle.getString("challenge1.para1");
 
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
@@ -52,20 +60,20 @@ if (request.getSession() != null)
 	<title>Security Shepherd - <%= levelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= levelName %></h2>
 			<p> 
 				<br/>
-				You must log into the App  <a>PoorAuthentication2.apk</a> to get the key. The Username and Password have been saved but this App uses a specially generated <a>Authentication Code</a>. 
+				<%= paragraph1 %>
 				<br/>
 				<br/>
-				
-				<%= Analytics.getMobileLevelBlurb("PoorAuthentication2.apk") %>
-				
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " PoorAuthentication2.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 			</p>
 		</div>
 		
diff --git a/SecurityShepherdCore/src/jsp/challenges/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671.jsp b/SecurityShepherdCore/src/jsp/challenges/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671.jsp
index 45db3a84c..1ec46c039 100644
--- a/SecurityShepherdCore/src/jsp/challenges/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/f37d45f597832cdc6e91358dca3f53039d4489c94df2ee280d6203b389dd5671.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -58,10 +58,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= encoder.encodeForHTML(translatedLevelName) %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= encoder.encodeForHTML(translatedLevelName) %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/f5a3f19dd44b53c6d29dda65fa90791bb312a3044b3110acb8a65d165376bf34.jsp b/SecurityShepherdCore/src/jsp/challenges/f5a3f19dd44b53c6d29dda65fa90791bb312a3044b3110acb8a65d165376bf34.jsp
index 6a07e0241..2d037eeda 100644
--- a/SecurityShepherdCore/src/jsp/challenges/f5a3f19dd44b53c6d29dda65fa90791bb312a3044b3110acb8a65d165376bf34.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/f5a3f19dd44b53c6d29dda65fa90791bb312a3044b3110acb8a65d165376bf34.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,16 @@
 String levelName = "Mobile Broken Crypto 3";
 //Alphanumeric Only
 String levelHash = "fb5c9ce0f5539b737e534fd317befff7427f6610ed626dfd43abf35295f106bc";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.brokenCrypto.brokenCrypto", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge3.challengeName");
+String paragraph1 = bundle.getString("challenge3.para1");
+
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
 {
@@ -48,24 +57,22 @@ if (request.getSession() != null)
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
+	<title>Security Shepherd - <%= LevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= LevelName %></h2>
 			<p> 
-				<% /* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/ %>
-				
-				<%= levelBlurb %>
-				<br/>
-				The key for this challenge can be found in the client side database. Get the key to pass this challenge.  			
+				<%= paragraph1 %>
 				<br/>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("BrokenCrypto4.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " BrokenCrypto4.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 				
 			</p>
 		</div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/fb5c9ce0f5539b737e534fd317befff7427f6610ed626dfd43abf35295f106bc.jsp b/SecurityShepherdCore/src/jsp/challenges/fb5c9ce0f5539b737e534fd317befff7427f6610ed626dfd43abf35295f106bc.jsp
index 8a0c4d011..a26e4fbc1 100644
--- a/SecurityShepherdCore/src/jsp/challenges/fb5c9ce0f5539b737e534fd317befff7427f6610ed626dfd43abf35295f106bc.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/fb5c9ce0f5539b737e534fd317befff7427f6610ed626dfd43abf35295f106bc.jsp
@@ -1,4 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * <br/><br/>
@@ -23,8 +24,16 @@
 String levelName = "Mobile Broken Crypto 2";
 //Alphanumeric Only
 String levelHash = "fb5c9ce0f5539b737e534fd317befff7427f6610ed626dfd43abf35295f106bc";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
+
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.mobile.brokenCrypto.brokenCrypto", locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
+
+//Used more than once translations
+String LevelName = bundle.getString("challenge2.challengeName");
+String paragraph1 = bundle.getString("challenge2.para1");
+
 ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 if (request.getSession() != null)
 {
@@ -48,24 +57,22 @@ if (request.getSession() != null)
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= LevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
 	
-	</script> 
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
+			<h2 class="title"><%= LevelName %></h2>
 			<p> 
-				<% /* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/ %>
-				
-				<%= levelBlurb %>
-				<br/>
-				This App uses DES to encrypt it's chat however it's developers have implemented this poorly. The key is in the conversation. Decrypt the chat to get the key.  			
+				<%= paragraph1 %>
 				<br/>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("BrokenCrypto3.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " BrokenCrypto2.apk " + mobile.getString("mobileBlurb.vmLink.2")  %>
 				
 			</p>
 		</div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.jsp b/SecurityShepherdCore/src/jsp/challenges/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.jsp
index 7a187e793..1442d7bbf 100644
--- a/SecurityShepherdCore/src/jsp/challenges/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -27,7 +27,7 @@ String levelName = "SQL Injection Challenge Two";
  String levelHash= "ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b";
 //Translation Stuff
 Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.sqli." + levelHash, locale);
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.injection." + levelHash, locale);
 //Used more than once translations
 String i18nLevelName = bundle.getString("challenge.challengeName");
 
@@ -57,10 +57,14 @@ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwar
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
@@ -81,7 +85,7 @@ ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwar
 						<%= bundle.getString("challenge.form.pleaseEnter") %>
 					</td></tr>
 					<tr><td>
-						<input style="width: 400px;" id="userIdentity" type="text"/>
+						<input style="width: 400px;" id="userIdentity" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<div id="submitButton"><input type="submit" value="<%= bundle.getString("challenge.form.button.value") %>"/></div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/h8aa0fdc145fb8089661997214cc0e685e5f86a87f30c2ca641e1dde15b01177.jsp b/SecurityShepherdCore/src/jsp/challenges/h8aa0fdc145fb8089661997214cc0e685e5f86a87f30c2ca641e1dde15b01177.jsp
index fc2b2f376..f525ab993 100644
--- a/SecurityShepherdCore/src/jsp/challenges/h8aa0fdc145fb8089661997214cc0e685e5f86a87f30c2ca641e1dde15b01177.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/h8aa0fdc145fb8089661997214cc0e685e5f86a87f30c2ca641e1dde15b01177.jsp
@@ -1,7 +1,8 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
- * Insecure Cryptographic Storage Challenge 2 Accessed
+ * Insecure Cryptographic Storage Challenge 2
  * <br/><br/>
  * This file is part of the Security Shepherd Project.
  * 
@@ -22,6 +23,12 @@
  */
 
 String levelName = "Insecure Cryptographic Storage Challenge 2";
+ 
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.insecureCryptoStorage.insecureCryptoStorage", locale);
+ //Used more than once translations
+ String i18nLevelName = bundle.getString("insecureCryptoStorage.2.challengename");
  ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
  if (request.getSession() != null)
  {
@@ -46,23 +53,25 @@ String levelName = "Insecure Cryptographic Storage Challenge 2";
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - Insecure Cryptographic Storage Challenge Two</title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title">Insecure Cryptographic Storage Challenge Two</h2>
+			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
-				The result key has been encrypted to ensure that nobody can finish the 
-				challenge without knowing the secret key to decrypt it. The following form 
-				can be used to check if you have the correct result key.
+				<%= bundle.getString("insecureCryptoStorage.2.whatToDo") %>
 				<br/>
 				<br/>
 				<form id="leForm" action="javascript:;">
 				<table>
 					<tr><td>
-						<input type="text" id="resultKeyAttempt" style="width: 300px;"/></><input type="submit" value="Check Result Key"/>
+						<input type="text" id="resultKeyAttempt" style="width: 300px;"/></><input type="submit" value="<%= bundle.getString("insecureCryptoStorage.2.checkKey") %>"/>
 					</td></tr>
 				</table>
 				</form>
@@ -73,12 +82,12 @@ String levelName = "Insecure Cryptographic Storage Challenge 2";
 		</div>
 		<script>			
 		$("#leForm").submit(function(){
-			//2D encryption
+			// <%= bundle.getString("insecureCryptoStorage.2.hint") %>
 			var input = $("#resultKeyAttempt").val();
 			theKey = "kpoisaijdieyjaf";
 			var theAlphabet =   "ABCDEFGHIJKLMNOPQRSTUVWXYZ" + "abcdefghijklmnopqrstuvwxyz";
 
-			// Validate theKey:
+			// <%= bundle.getString("insecureCyrptoStorage.2.commentedCode.1") %>
 			theKey = theKey.toUpperCase();
 			var theKeysLength = theKey.length;
 			var i;
@@ -93,7 +102,7 @@ String levelName = "Insecure Cryptographic Storage Challenge 2";
 			theKey = adjustedKey;
 			theKeysLength = theKey.length;
 
-			// Transform input:
+			// <%= bundle.getString("insecureCyrptoStorage.2.commentedCode.2") %>
 			var inputLength = input.length;
 			var output = "";
 			var theKeysCurrentIndex = 0;
@@ -117,7 +126,7 @@ String levelName = "Insecure Cryptographic Storage Challenge 2";
 				theKeysCurrentIndex =(theKeysCurrentIndex + 1) % theKeysLength;
 			}
 			
-			//Check result for validity
+			// <%= bundle.getString("insecureCyrptoStorage.2.commentedCode.3") %>
 			$("#resultDiv").hide("fast", function(){
 				if(output == "DwsDagmwhziArpmogWaSmmckwhMoEsmgmxlivpDttfjbjdxqBwxbKbCwgwgUyam")
 					$('#resultDiv').html("<p>Yeah, that's correct</p>");
@@ -125,7 +134,7 @@ String levelName = "Insecure Cryptographic Storage Challenge 2";
 					$('#resultDiv').html("<p>No, that's not correct</p>");
 				$("#resultDiv").show("slow");
 			});
-			//Output the output variable
+			// <%= bundle.getString("insecureCyrptoStorage.2.commentedCode.4") %>
 			/*
 			$("#resultDiv").hide("fast", function(){
 					$('#resultDiv').html("Encrypted Output: " + output);
diff --git a/SecurityShepherdCore/src/jsp/challenges/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.jsp b/SecurityShepherdCore/src/jsp/challenges/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.jsp
index 28891b76c..b4a0bb113 100644
--- a/SecurityShepherdCore/src/jsp/challenges/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c.jsp
@@ -1,5 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
-
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * Insecure Direct Object References Challenge One
@@ -22,7 +22,15 @@
  * @author Mark Denihan
  */
 
-String levelName = "Insecure Direct Object References Challenge One";
+ String levelName = "Insecure Direct Object References Challenge One";
+ String levelHash = "o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c";
+ 
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.directObject." + levelHash, locale);
+//Used more than once translations
+String i18nChallengeName = bundle.getString("challenge.challengeName");
+	
  ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
  if (request.getSession() != null)
  {
@@ -48,15 +56,19 @@ String levelName = "Insecure Direct Object References Challenge One";
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - Insecure Direct Object References Challenge One</title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nChallengeName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title">Insecure Direct Object Reference Challenge One</h2>
+			<h2 class="title"><%= i18nChallengeName %></h2>
 			<p> 
-				The result key for this challenge is stored in the private message for a user that is not listed below...
+				<%= bundle.getString("challenge.whatToDo") %>
 				<br />
 				<br />
 				<center>
@@ -72,8 +84,8 @@ String levelName = "Insecure Direct Object References Challenge One";
 						</select>
 					</td></tr>
 					<tr><td>
-						<div id="submitButton"><input style='width: 300px;' type="submit" value="Show this profile"/></div>
-						<p style="display: none; text-align: center;" id="loadingSign">Loading...</p>
+						<div id="submitButton"><input style='width: 300px;' type="submit" value="<%= bundle.getString("challenge.showProfile") %>"/></div>
+						<p style="display: none; text-align: center;" id="loadingSign"><%= bundle.getString("challenge.loading") %></p>
 					</td></tr>
 					</table>
 				</form>
@@ -89,7 +101,7 @@ String levelName = "Insecure Direct Object References Challenge One";
 				$("#resultsDiv").hide("slow", function(){
 					var ajaxCall = $.ajax({
 						type: "POST",
-						url: "o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c",
+						url: "<%= levelHash %>",
 						data: {
 							userId: optionValue
 						},
diff --git a/SecurityShepherdCore/src/jsp/challenges/s74a796e84e25b854906d88f622170c1c06817e72b526b3d1e9a6085f429cf52.jsp b/SecurityShepherdCore/src/jsp/challenges/s74a796e84e25b854906d88f622170c1c06817e72b526b3d1e9a6085f429cf52.jsp
index e43af419a..0e035405d 100644
--- a/SecurityShepherdCore/src/jsp/challenges/s74a796e84e25b854906d88f622170c1c06817e72b526b3d1e9a6085f429cf52.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/s74a796e84e25b854906d88f622170c1c06817e72b526b3d1e9a6085f429cf52.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -65,10 +65,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= bundle.getString("title.csrf1") %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= bundle.getString("title.csrf1") %></h2>
 			<p> 
@@ -97,7 +101,7 @@
 					<h2 class='title'><%= bundle.getString("result.challengeCompleted") %></h2>
 					<p>
 					<%= bundle.getString("result.congratsTheKeyIs") %>
-					<b> <a><%= encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName"))) %></a></b><br/><br/>
+					<b> <a><%= Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName")) %></a></b><br/><br/>
 				<% } %>
 				<form id="leForm" action="javascript:;">
 					<table>
diff --git a/SecurityShepherdCore/src/jsp/challenges/t193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3.jsp b/SecurityShepherdCore/src/jsp/challenges/t193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3.jsp
index 9b23ca863..6147733f0 100644
--- a/SecurityShepherdCore/src/jsp/challenges/t193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/t193c6634f049bcf65cdcac72269eeac25dbb2a6887bdb38873e57d0ef447bc3.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle" %>
 <%
 /**
@@ -55,10 +55,14 @@ String i18nLevelName = bundle.getString("challenge.challengeName");
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= i18nLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/challenges/t227357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888.jsp b/SecurityShepherdCore/src/jsp/challenges/t227357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888.jsp
index 7a013f1c4..52356a4e0 100644
--- a/SecurityShepherdCore/src/jsp/challenges/t227357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/t227357536888e807ff0f0eff751d6034bafe48954575c3a6563cb47a85b1e888.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 
@@ -58,10 +58,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
@@ -72,7 +76,7 @@
 						<%= bundle.getString("challenge.form.instruction") %>
 					</td></tr>
 					<tr><td>
-						<input style="width: 400px;" id="searchTerm" type="text"/>
+						<input style="width: 400px;" id="searchTerm" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<div id="submitButton"><input type="submit" value="<%= bundle.getString("challenge.form.getUser") %>"/></div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.jsp b/SecurityShepherdCore/src/jsp/challenges/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.jsp
index 3658fa0a4..9547aa8c7 100644
--- a/SecurityShepherdCore/src/jsp/challenges/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4.jsp
@@ -1,5 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
-
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * Insecure Direct Object References Challenge Two
@@ -22,7 +22,15 @@
  * @author Mark Denihan
  */
 
-String levelName = "Insecure Direct Object References Challenge Two";
+ String levelName = "Insecure Direct Object References Challenge Two";
+ String levelHash = "vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4";
+ 
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.directObject." + levelHash, locale);
+ //Used more than once translations
+ String i18nChallengeName = bundle.getString("challenge.challengeName");
+	
  ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
  if (request.getSession() != null)
  {
@@ -48,15 +56,19 @@ String levelName = "Insecure Direct Object References Challenge Two";
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - Insecure Direct Object References Challenge Two</title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nChallengeName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title">Insecure Direct Object Reference Challenge Two</h2>
+			<h2 class="title"><%= i18nChallengeName %></h2>
 			<p> 
-				The result key for this challenge is stored in the private message for a user that is not listed below...
+				<%= bundle.getString("challenge.whatToDo") %>
 				<br />
 				<br />
 				<center>
@@ -72,8 +84,8 @@ String levelName = "Insecure Direct Object References Challenge Two";
 						</select>
 					</td></tr>
 					<tr><td>
-						<div id="submitButton"><input style='width: 300px;' type="submit" value="Show this profile"/></div>
-						<p style="display: none; text-align: center;" id="loadingSign">Loading...</p>
+						<div id="submitButton"><input style='width: 300px;' type="submit" value="<%= bundle.getString("challenge.showProfile") %>"/></div>
+						<p style="display: none; text-align: center;" id="loadingSign"><%= bundle.getString("challenge.loading") %></p>
 					</td></tr>
 					</table>
 				</form>
@@ -89,7 +101,7 @@ String levelName = "Insecure Direct Object References Challenge Two";
 				$("#resultsDiv").hide("slow", function(){
 					var ajaxCall = $.ajax({
 						type: "POST",
-						url: "vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4",
+						url: "<%= levelHash %>",
 						data: {
 							userId: optionValue
 						},
diff --git a/SecurityShepherdCore/src/jsp/challenges/x9c408d23e75ec92495e0caf9a544edb2ee8f624249f3e920663edb733f15cd7.jsp b/SecurityShepherdCore/src/jsp/challenges/x9c408d23e75ec92495e0caf9a544edb2ee8f624249f3e920663edb733f15cd7.jsp
index a83dbee94..78ef7c3a7 100644
--- a/SecurityShepherdCore/src/jsp/challenges/x9c408d23e75ec92495e0caf9a544edb2ee8f624249f3e920663edb733f15cd7.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/x9c408d23e75ec92495e0caf9a544edb2ee8f624249f3e920663edb733f15cd7.jsp
@@ -1,5 +1,5 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
-
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
  * Insecure Cryptographic Storage Challenge 1
@@ -22,7 +22,14 @@
  * @author Mark Denihan
  */
 
-String levelName =  "Insecure Cryptographic Storage Challenge 1";
+ String levelName =  "Insecure Cryptographic Storage Challenge 1";
+ 
+ //Translation Stuff
+ Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ ResourceBundle bundle = ResourceBundle.getBundle("i18n.challenges.insecureCryptoStorage.insecureCryptoStorage", locale);
+ //Used more than once translations
+ String i18nLevelName = bundle.getString("insecureCryptoStorage.1.challengename");
+ 
  ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
  if (request.getSession() != null)
  {
@@ -47,15 +54,19 @@ String levelName =  "Insecure Cryptographic Storage Challenge 1";
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - Insecure Cryptographic Storage Challenge One</title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<title>Security Shepherd - <%= i18nLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
-			<h2 class="title">Insecure Cryptographic Storage Challenge One</h2>
+			<h2 class="title"><%= i18nLevelName %></h2>
 			<p> 
-				The result key has been encrypted to ensure that nobody can finish the challenge without knowing the secret key to decrypt it. However, the result key has been encrypted with a famous, but easily broken, Roman cipher.
+				<%= bundle.getString("insecureCryptoStorage.1.whatToDo") %>
 				<br/>
 				<br/>
 				<a>Ymj wjxzqy pjd ktw ymnx qjxxts nx ymj ktqqtbnsl xywnsl; rdqtajqdmtwxjwzssnslymwtzlmymjknjqibmjwjfwjdtzltnslbnymdtzwgnlf</a>
diff --git a/SecurityShepherdCore/src/jsp/challenges/z311736498a13604705d608fb3171ebf49bc18753b0ec34b8dff5e4f9147eb5e.jsp b/SecurityShepherdCore/src/jsp/challenges/z311736498a13604705d608fb3171ebf49bc18753b0ec34b8dff5e4f9147eb5e.jsp
index bc3ec1b93..9a1a745f7 100644
--- a/SecurityShepherdCore/src/jsp/challenges/z311736498a13604705d608fb3171ebf49bc18753b0ec34b8dff5e4f9147eb5e.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/z311736498a13604705d608fb3171ebf49bc18753b0ec34b8dff5e4f9147eb5e.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -64,10 +64,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= bundle.getString("title.csrf2") %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= bundle.getString("title.csrf2") %></h2>
 			<p> 
@@ -90,7 +94,7 @@
 					<h2 class='title'><%= bundle.getString("result.challengeCompleted") %></h2>
 					<p>
 					<%= bundle.getString("result.congratsTheKeyIs") %> 
-					<b> <a><%=	encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName"))) %></a></b><br/><br/>
+					<b> <a><%=	Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName")) %></a></b><br/><br/>
 				<% } %>			
 				<form id="leForm" action="javascript:;">
 					<table>
@@ -98,7 +102,7 @@
 						<%= bundle.getString("forum.iframe.whatToDo") %>
 					</td></tr>
 					<tr><td>
-						<input style="width: 400px;" id="myMessageAris" type="text"/>
+						<input style="width: 400px;" id="myMessageAris" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<div id="submitButton"><input type="submit" value="<%= bundle.getString("forum.postMessage") %>"/></div>
diff --git a/SecurityShepherdCore/src/jsp/challenges/z6b2f5ebbe112dd09a6c430a167415820adc5633256a7b44a7d1e262db105e3c.jsp b/SecurityShepherdCore/src/jsp/challenges/z6b2f5ebbe112dd09a6c430a167415820adc5633256a7b44a7d1e262db105e3c.jsp
index 06aa0018f..026b862ee 100644
--- a/SecurityShepherdCore/src/jsp/challenges/z6b2f5ebbe112dd09a6c430a167415820adc5633256a7b44a7d1e262db105e3c.jsp
+++ b/SecurityShepherdCore/src/jsp/challenges/z6b2f5ebbe112dd09a6c430a167415820adc5633256a7b44a7d1e262db105e3c.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="java.sql.*,java.io.*,java.net.*,org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder, dbProcs.*, utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 /**
@@ -64,10 +64,14 @@
 <head>
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= bundle.getString("title.csrf3") %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= bundle.getString("title.csrf3") %></h2>
 			<p> 
@@ -90,7 +94,7 @@
 					<h2 class='title'><%= bundle.getString("result.challengeCompleted") %></h2>
 					<p>
 					<%= bundle.getString("result.congratsTheKeyIs") %> 
-					<b> <a><%=encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName"))) %></a></b><br/><br/>
+					<b> <a><%=Hash.generateUserSolution(Getter.getModuleResult(ApplicationRoot, moduleId), (String)ses.getAttribute("userName")) %></a></b><br/><br/>
 				<% } %>		
 				<form id="leForm" action="javascript:;">
 					<table>
diff --git a/SecurityShepherdCore/src/jsp/css/lessonCss/theCss.css b/SecurityShepherdCore/src/jsp/css/lessonCss/theCss.css
index 7e335a429..5dbacea90 100644
--- a/SecurityShepherdCore/src/jsp/css/lessonCss/theCss.css
+++ b/SecurityShepherdCore/src/jsp/css/lessonCss/theCss.css
@@ -5,8 +5,9 @@ body {
 	color: #090212;
 }
 
-body, th, td, input, textarea, select, option {
-	font-family: "Trebuchet MS", "Times New Roman", Arial, Times, serif;
+body, th, td, input, textarea, select, option, p, div {
+	font-family: "Helvetica Neue", Helvetica Arial, "Lucida Grande", sans-serif;
+	word-break: break-all;
 }
 
 h1, h2, h3 {
@@ -153,3 +154,40 @@ td {
 #footer a {
 	color: #FFFFFF;
 }
+
+.tooltipped {
+	position:relative;
+}
+
+.tooltipped::before{
+	position:absolute;
+	z-index:1000001;
+	display:none;
+	width:0;
+	height:0;
+	color:rgba(0,0,0,0.8);
+	pointer-events:none;
+	content:"";
+	border:5px solid;
+}
+
+.tooltipped::after{
+	background: rgba(212, 212, 212, 0.8);
+    border: 2px solid rgba(168, 120, 239, 0.8);
+    border-radius: 3px;
+    content: attr(aria-label);
+    display: inline-block;
+    font:normal normal 11px/1.5 Helvetica,arial,nimbussansl,liberationsans,freesans,clean,sans-serif";
+    letter-spacing: 0.5px;
+    padding: 5px 8px;
+    pointer-events: none;
+    position: absolute;
+    text-align: center;
+    text-decoration: none;
+    text-shadow: none;
+    text-transform: none;
+    white-space: pre;
+    word-wrap: break-word;
+    z-index: 1000000;
+	-webkit-font-smoothing:subpixel-antialiased;
+}
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/css/theCss.css b/SecurityShepherdCore/src/jsp/css/theCss.css
index 55c2126eb..44acbad4d 100644
--- a/SecurityShepherdCore/src/jsp/css/theCss.css
+++ b/SecurityShepherdCore/src/jsp/css/theCss.css
@@ -1,89 +1,89 @@
-body {
-	margin: 0;
-	padding: 0;
-	background: #FFFFFF url(images/grassTile.jpg) repeat-x top center;
-	font-size: 13px;
-	color: #090212;
-}
-
-body, th, td, input, textarea, select, option {
-	font-family: "Trebuchet MS", "Times New Roman", Arial, Times, serif;
-}
-
-h1, h2, h3 {
-	font-weight: normal;
-	color: #0A000A;
-}
-
-h1 {
-	letter-spacing: -2px;
-	font-size: 3em;
-}
-
-h2 {
-	letter-spacing: -1px;
-	font-size: 2em;
+body {
+	margin: 0;
+	padding: 0;
+	background: #FFFFFF url(images/grassTile.jpg) repeat-x top center;
+	font-size: 13px;
+	color: #090212;
+}
+
+body, th, td, input, textarea, select, option, p, div {
+	font-family: "Helvetica Neue", Helvetica Arial, "Lucida Grande", sans-serif;
+}
+
+h1, h2, h3 {
+	font-weight: normal;
+	color: #0A000A;
+}
+
+h1 {
+	letter-spacing: -2px;
+	font-size: 3em;
+}
+
+h2 {
+	letter-spacing: -1px;
+	font-size: 2em;
 }
 
 h2 a {
 	color: #0A000A;
-}
-
-h3 {
-	font-size: 1.5em;
-}
-
-p, ul, ol {
-	line-height: 200%;
-}
-
-a {
-	color: #9B1AC8;
-}
-
-a:hover {
-	text-decoration: none;
-	color: #E6B715;
-}
-
+}
+
+h3 {
+	font-size: 1.5em;
+}
+
+p, ul, ol {
+	line-height: 200%;
+}
+
+a {
+	color: #9B1AC8;
+}
+
+a:hover {
+	text-decoration: none;
+	color: #E6B715;
+}
+
 #wrapper {
-	/* Empty */
-}
-
-#header {
-	width: 757px;
-	height: 240px;
-	margin: 0 auto;
-	background: url(images/shepherdAndSheep.jpg) no-repeat right top;
-}
-
-#header h1, #header p {
-	margin: 0;
-	color: #A878EF;
-}
-
-#header h1 {
-	padding: 65px 0 0 70px;
-}
-
-#header p {
-	padding-left: 73px;
-	margin-top: -10px;
-}
-#header a {
+	/* Empty */
+}
+
+#header {
+	width: 757px;
+	height: 240px;
+	margin: 0 auto;
+	background: url(images/shepherdAndSheep.jpg) no-repeat right top;
+}
+
+#header h1, #header p {
+	margin: 0;
 	color: #A878EF;
-	text-decoration:none;
-}
-
-#page {
-	width: 1000px;
-	margin: 0 auto;
-}
-
-#contentDiv {
-	float: right;
-	width: 685px;
-	margin: 0;
+}
+
+#header h1 {
+	padding: 65px 0 0 70px;
+}
+
+#header p {
+	padding-left: 73px;
+	margin-top: -10px;
+}
+#header a {
+	color: #A878EF;
+	text-decoration:none;
+}
+
+#page {
+	width: 1000px;
+	margin: 0 auto;
+}
+
+#contentDiv {
+	float: right;
+	width: 685px;
+	margin: 0;
 }
 
 .errorMessage {
@@ -104,288 +104,325 @@ a:hover {
 	background: #7B55B4;
 	color:#FFFFFF;
 	padding-left = 10px;
-}
-
-.title {
-	margin: 0;
-	padding-bottom: 5px;
-	border-bottom: 2px solid #A878EF;
-}
-
-#sidebar {
-	width: 250px;
-}
-
-#sidebar ul {
-	margin: 0;
-	padding: 0;
-	list-style: none;
-}
-
-#sidebar li {
-}
-
-#sidebar li ul {
-	padding: 15px 15px;
-}
-
-#sidebar li li {
-	border-bottom: 1px dotted #FFFFFF;
-	padding-left: 15px;
-}
-
-#sidebar h2 {
-	margin: 0;
-	padding: 10px 0 0 40px;
-	height: 40px;
-}
-
-#sidebar a {
-	text-decoration: none;
-}
-
-#sidebar a:hover {
-}
-
-#searchResults {
-	width: 100%;
-}
-
-#searchResults li { 
-	cursor: pointer; 
-	cursor: hand;
-	border-bottom: 1px solid #d4d4d4;
-    padding-left: 5px;
-    padding-right: 5px;
-    width: 90%;
-}
-
-/* Footer */
-
-#footer {
-	clear: both;
-	width: 760px;
-	height: 40px;
-	margin: 0 auto;
-	padding: 20px 0 0 0;
-	background: url(images/footer1.gif) no-repeat left top;
-	text-align: center;
-	font-size: smaller;
-	color: #FFFFFF;
-}
-
-#footer a {
-	color: #FFFFFF;
-}
-
-.menuIcon{
-    position: relative;
-    padding-left: 0.05em;
-    font-size: 3em;
-    display: none;
-    padding-top: 5px;
-}
-
-.menuButton {
-	display: block;
-	border-bottom: 3px solid #A878EF;
-	background: #D4D4D4;
-	padding: 5px 5px;
-	border-radius: 5px;
-	color: black;
-	font-size: 1.5em;
-	text-align: center;
-	text-decoration: none;
-	vertical-align: middle;
-	margin-bottom: 5px;
-   }
-   
-.menuButton:hover {
-   border-top-color: #CC99FF;
-   background: #BFBFBF;
-   }
-.menuButton:active {
-   border-top-color: #8660BF;
-   background: #8660BF;
-   }
-   
-   .scoreBar {
-	background-color: #965BED;
-	height: 30px;
-	position: relative;
-	font-size: 25px;
-	font-weight: bold;
-	padding-left: 5;
-	vertical-align: middle;
-	padding-top: 5;
-	border: white;
-	margin: 0 0 3px 0;
-	min-width: 240px;
-	color: white;
-}
-
-.scoreBar:hover {
-	background-color: #AC7DF2;
-	height: 30px;
-	position: relative;
-	font-size: 25px;
-	font-weight: bold;
-	padding-left: 5;
-	vertical-align: middle;
-	padding-top: 5;
-	border: white;
-	margin: 0 0 3px 0;
-	min-width: 240px;
-	color: white;
-}
-
-.scoreLine{
-	display:inline;
-	min-width: 100%;
-}
-
-.leaderboard{
-	min-width: 100%;
-}
-
-.scoreName{
-	white-space: nowrap;
-	overflow: hidden;
-	text-overflow: ellipsis;
-	display: inline;
-	position: absolute;
-	left: 80px;
-	width: 50%
-}
-
-.place{
-	display: inline; 
-	color: #000000;
-	min-width:25px;
-}
-
-.scoreNumber{
-	display: inline; 
-	float: right;
-	padding-right: 5px;
-	padding-top: 2px;
-	color: white;
-}
-
-.medalContainer {
-	display: inline;
-}
-
-
-.goldMedalAmountBubble {
-	width: 20px;
-	height: 20px;
-	box-shadow: 1px 1px 1px gray;
-	background-color: gold;
-	color: black;
-	font-weight: bold;
-	font-size: 14px;
-	border-radius: 50%;
-	text-align: center;
-	display: inline-block;
-	margin-left: 5px;
-	line-height: 23px;
-}
-
-.silverMedalAmountBubble {
-	width: 20px;
-	height: 20px;
-	box-shadow: 1px 1px 1px gray;
-	background-color: silver;
-	color: black;
-	font-weight: bold;
-	font-size: 14px;
-	border-radius: 50%;
-	text-align: center;
-	display: inline-block;
-	margin-left: 5px;
-	line-height: 23px;
-}
-
-.bronzeMedalAmountBubble {
-	width: 20px;
-	height: 20px;
-	box-shadow: 1px 1px 1px gray;
-	background-color: #CD7F32;
-	color: black;
-	font-weight: bold;
-	font-size: 14px;
-	border-radius: 50%;
-	text-align: center;
-	display: inline-block;
-	margin-left: 5px;
-	line-height: 23px;
-}
-
-.informationBox {
-	display: block; 
-	margin 0; 
-	border-color:#A878EF; 
-	border-style:dashed; 
-	background-color: #D4D4D4; 
-	padding-top:5px; 
-	padding-bottom:5px; 
-	padding-right:5px; 
-	padding-left:5px;
-	margin-bottom: 5px;
-}
-
-.cheatBox {
-	float: right; 
-	margin 0; 
-	width: 685px;
-	border-color:#A878EF;
-	border-style:dashed;
-	background-color: #D4D4D4;
-	padding-top:5px;
-	padding-bottom:5px;
-	padding-right:5px;
-	padding-left:5px;
-	margin-bottom:10px;
-}
-
-.moduleSearchBox{
-	height: 26px;
-	width: 100%;
-	padding: 0 12px 0 25px;
-	background: white url("images/searchIcon.png") 8px 6px no-repeat;
-	border-width: 1px;
-	border-style: solid;
-	border-color: #BFBFBF #BFBFBF #BFBFBF;
-	border-radius: 13px;
-	margin-top: 2px;
-	-webkit-box-sizing: border-box;
-	-moz-box-sizing: border-box;
-	-ms-box-sizing: border-box;
-	-o-box-sizing: border-box;
-	box-sizing: border-box;
-	-webkit-box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
-	-moz-box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
-	-ms-box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
-	-o-box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
-	box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
-}
-
-.resultbox{
-	width: 620px;
-}
-
-#submitResult{
-	display: none; 
-	float: right; 
-}
-
-.levelIframe{
-	word-wrap: break-word;
-	width: 100%;
-	height: 2056px;
-}
-
-.levelList{
-	max-height: 230px; 
+}
+
+.title {
+	margin: 0;
+	padding-bottom: 5px;
+	border-bottom: 2px solid #A878EF;
+}
+
+#sidebar {
+	width: 250px;
+}
+
+#sidebar ul {
+	margin: 0;
+	padding: 0;
+	list-style: none;
+}
+
+#sidebar li {
+}
+
+#sidebar li ul {
+	padding: 15px 15px;
+}
+
+#sidebar li li {
+	border-bottom: 1px dotted #FFFFFF;
+	padding-left: 15px;
+}
+
+#sidebar h2 {
+	margin: 0;
+	padding: 10px 0 0 40px;
+	height: 40px;
+}
+
+#sidebar a {
+	text-decoration: none;
+}
+
+#sidebar a:hover {
+}
+
+#searchResults {
+	width: 100%;
+}
+
+#searchResults li { 
+	cursor: pointer; 
+	cursor: hand;
+	border-bottom: 1px solid #d4d4d4;
+    padding-left: 5px;
+    padding-right: 5px;
+    width: 90%;
+}
+
+/* Footer */
+
+#footer {
+	clear: both;
+	width: 760px;
+	height: 40px;
+	margin: 0 auto;
+	padding: 20px 0 0 0;
+	background: url(images/footer1.gif) no-repeat left top;
+	text-align: center;
+	font-size: smaller;
+	color: #FFFFFF;
+}
+
+#footer a {
+	color: #FFFFFF;
+}
+
+.menuIcon{
+    position: relative;
+    padding-left: 0.05em;
+    font-size: 3em;
+    display: none;
+    padding-top: 5px;
+}
+
+.menuButton {
+	display: block;
+	border-bottom: 3px solid #A878EF;
+	background: #D4D4D4;
+	padding: 5px 5px;
+	border-radius: 5px;
+	color: black;
+	font-size: 1.5em;
+	text-align: center;
+	text-decoration: none;
+	vertical-align: middle;
+	margin-bottom: 5px;
+   }
+   
+.menuButton:hover {
+   border-top-color: #CC99FF;
+   background: #BFBFBF;
+   }
+.menuButton:active {
+   border-top-color: #8660BF;
+   background: #8660BF;
+   }
+   
+   .scoreBar {
+	background-color: #965BED;
+	height: 30px;
+	position: relative;
+	font-size: 25px;
+	font-weight: bold;
+	padding-left: 5;
+	vertical-align: middle;
+	padding-top: 5;
+	border: white;
+	margin: 0 0 3px 0;
+	min-width: 240px;
+	color: white;
+}
+
+.scoreBar:hover {
+	background-color: #AC7DF2;
+	height: 30px;
+	position: relative;
+	font-size: 25px;
+	font-weight: bold;
+	padding-left: 5;
+	vertical-align: middle;
+	padding-top: 5;
+	border: white;
+	margin: 0 0 3px 0;
+	min-width: 240px;
+	color: white;
+}
+
+.scoreLine{
+	display:inline;
+	min-width: 100%;
+}
+
+.leaderboard{
+	min-width: 100%;
+}
+
+.scoreName{
+	white-space: nowrap;
+	overflow: hidden;
+	text-overflow: ellipsis;
+	display: inline;
+	position: absolute;
+	left: 80px;
+	width: 50%
+}
+
+.place{
+	display: inline; 
+	color: #000000;
+	min-width:25px;
+}
+
+.scoreNumber{
+	display: inline; 
+	float: right;
+	padding-right: 5px;
+	padding-top: 2px;
+	color: white;
+}
+
+.medalContainer {
+	display: inline;
+}
+
+
+.goldMedalAmountBubble {
+	width: 20px;
+	height: 20px;
+	box-shadow: 1px 1px 1px gray;
+	background-color: gold;
+	color: black;
+	font-weight: bold;
+	font-size: 14px;
+	border-radius: 50%;
+	text-align: center;
+	display: inline-block;
+	margin-left: 5px;
+	line-height: 23px;
+}
+
+.silverMedalAmountBubble {
+	width: 20px;
+	height: 20px;
+	box-shadow: 1px 1px 1px gray;
+	background-color: silver;
+	color: black;
+	font-weight: bold;
+	font-size: 14px;
+	border-radius: 50%;
+	text-align: center;
+	display: inline-block;
+	margin-left: 5px;
+	line-height: 23px;
+}
+
+.bronzeMedalAmountBubble {
+	width: 20px;
+	height: 20px;
+	box-shadow: 1px 1px 1px gray;
+	background-color: #CD7F32;
+	color: black;
+	font-weight: bold;
+	font-size: 14px;
+	border-radius: 50%;
+	text-align: center;
+	display: inline-block;
+	margin-left: 5px;
+	line-height: 23px;
+}
+
+.informationBox {
+	display: block; 
+	margin 0; 
+	border-color:#A878EF; 
+	border-style:dashed; 
+	background-color: #D4D4D4; 
+	padding-top:5px; 
+	padding-bottom:5px; 
+	padding-right:5px; 
+	padding-left:5px;
+	margin-bottom: 5px;
+}
+
+.cheatBox {
+	float: right; 
+	margin 0; 
+	width: 685px;
+	border-color:#A878EF;
+	border-style:dashed;
+	background-color: #D4D4D4;
+	padding-top:5px;
+	padding-bottom:5px;
+	padding-right:5px;
+	padding-left:5px;
+	margin-bottom:10px;
+}
+
+.moduleSearchBox{
+	height: 26px;
+	width: 100%;
+	padding: 0 12px 0 25px;
+	background: white url("images/searchIcon.png") 8px 6px no-repeat;
+	border-width: 1px;
+	border-style: solid;
+	border-color: #BFBFBF #BFBFBF #BFBFBF;
+	border-radius: 13px;
+	margin-top: 2px;
+	-webkit-box-sizing: border-box;
+	-moz-box-sizing: border-box;
+	-ms-box-sizing: border-box;
+	-o-box-sizing: border-box;
+	box-sizing: border-box;
+	-webkit-box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
+	-moz-box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
+	-ms-box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
+	-o-box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
+	box-shadow: inset 0 1px #e5e7ed, 0 1px 0 #fcfcfc;
+}
+
+.resultbox{
+	width: 620px;
+}
+
+#submitResult{
+	display: none; 
+	float: right; 
+}
+
+.levelIframe{
+	word-wrap: break-word;
+	width: 100%;
+	height: 2056px;
+}
+
+.levelList{
+	max-height: 230px; 
+}
+
+.tooltipped {
+	position:relative;
+}
+
+.tooltipped::before{
+	position:absolute;
+	z-index:1000001;
+	display:none;
+	width:0;
+	height:0;
+	color:rgba(0,0,0,0.8);
+	pointer-events:none;
+	content:"";
+	border:5px solid;
+}
+
+.tooltipped::after{
+	background: rgba(212, 212, 212, 0.8);
+    border: 2px solid rgba(168, 120, 239, 0.8);
+    border-radius: 3px;
+    content: attr(aria-label);
+    display: inline-block;
+    font:normal normal 11px/1.5 Helvetica,arial,nimbussansl,liberationsans,freesans,clean,sans-serif";
+    letter-spacing: 0.5px;
+    padding: 5px 8px;
+    pointer-events: none;
+    position: absolute;
+    text-align: center;
+    text-decoration: none;
+    text-shadow: none;
+    text-transform: none;
+    white-space: pre;
+    word-wrap: break-word;
+    z-index: 1000000;
+	-webkit-font-smoothing:subpixel-antialiased;
 }
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/css/theResponsiveCss.css b/SecurityShepherdCore/src/jsp/css/theResponsiveCss.css
index 904470808..810ec7402 100644
--- a/SecurityShepherdCore/src/jsp/css/theResponsiveCss.css
+++ b/SecurityShepherdCore/src/jsp/css/theResponsiveCss.css
@@ -20,7 +20,7 @@
 		border-top: 3px solid #A878EF;
 		border-right: 3px solid #A878EF;
 		position: absolute;
-		height: 100%;
+		height: 150%;
 		border-radius: 2px;
 		text-decoration: none;
 		vertical-align: top;
diff --git a/SecurityShepherdCore/src/jsp/getStarted.jsp b/SecurityShepherdCore/src/jsp/getStarted.jsp
index c58651435..87b3a8a1b 100644
--- a/SecurityShepherdCore/src/jsp/getStarted.jsp
+++ b/SecurityShepherdCore/src/jsp/getStarted.jsp
@@ -92,7 +92,6 @@ if(!changePassword)
 			<div id="scopeLoadingDiv" style="display: none;"><fmt:message key="generic.text.loading" /></div>
 			</p>
 			<% } %>
-			<br/><br/>
 			<fmt:message key="getStarted.text.checkShepConfigMsg" /></a>.
 		</div>
 		<br/>
@@ -102,6 +101,9 @@ if(!changePassword)
 	</div>
 	</div>
 	<script>
+	var theCsrfToken = "<%= csrfToken %>";
+	var theRefreshError = "Could not Refresh Menu";
+	
 	$('#getStarted').slideDown("slow");
 	$('#cantSee').html("<iframe class='levelIframe' frameborder='no' id='theStart' src='readyToPlay.jsp?ThreadSequenceId=<%=encoder.encodeForHTMLAttribute(encoder.encodeForURL(threadId))%>'></iframe>");
 	$('#cantSee').html(function(){
@@ -133,6 +135,8 @@ if(!changePassword)
 			$("#scopeLoadingDiv").hide("fast", function(){
 				$("#setScopeDiv").slideDown("slow", function(){
 					$("#scopeResultsDiv").show ("fast");
+					//Refresh the Side Menu
+					refreshSideMenu(theCsrfToken, theRefreshError);
 				});
 			});
 			$("html, body").animate({ scrollTop: 0 }, "fast");
@@ -162,6 +166,8 @@ if(!changePassword)
 			$("#scopeLoadingDiv").hide("fast", function(){
 				$("#setScopeDiv").slideDown("slow", function(){
 					$("#scopeResultsDiv").show ("fast");
+					//Refresh the Side Menu
+					refreshSideMenu(theCsrfToken, theRefreshError);
 				});
 			});
 			$("html, body").animate({ scrollTop: 0 }, "fast");
@@ -191,6 +197,8 @@ if(!changePassword)
 			$("#scopeLoadingDiv").hide("fast", function(){
 				$("#setScopeDiv").slideDown("slow", function(){
 					$("#scopeResultsDiv").show ("fast");
+					//Refresh the Side Menu
+					refreshSideMenu(theCsrfToken, theRefreshError);
 				});
 			});
 			$("html, body").animate({ scrollTop: 0 }, "fast");
@@ -220,6 +228,8 @@ if(!changePassword)
 			$("#scopeLoadingDiv").hide("fast", function(){
 				$("#setScopeDiv").slideDown("slow", function(){
 					$("#scopeResultsDiv").show ("fast");
+					//Refresh the Side Menu
+					refreshSideMenu(theCsrfToken, theRefreshError);
 				});
 			});
 			$("html, body").animate({ scrollTop: 0 }, "fast");
diff --git a/SecurityShepherdCore/src/jsp/index.jsp b/SecurityShepherdCore/src/jsp/index.jsp
index e6227cb00..8f2a1db33 100644
--- a/SecurityShepherdCore/src/jsp/index.jsp
+++ b/SecurityShepherdCore/src/jsp/index.jsp
@@ -84,7 +84,7 @@ if (request.getSession() != null)
 		<jsp:include page="translation-select.jsp" />
 		<div id="header">
 			<h1>Security Shepherd</h1>
-			<div style="position: absolute; top: 12px; right: 100px;">
+			<div style="position: absolute; top: 12px; right: 130px;">
 				<p>
 					<strong><%= userName %>&nbsp;&#x7c;&nbsp;<a href="logout?csrfToken=<%= csrfToken %>"><fmt:message key="generic.text.logout" /></a></strong>
 				</p>
@@ -114,7 +114,7 @@ if (request.getSession() != null)
 			<div id="contentDiv">
 				<!-- Ajax Div -->
 			</div>
-			<div id="theSidebarWrapper" class="sidebarWrapper">
+			<div id="theSidebarWrapper" class="sidebarWrapper" onmouseover="resizeSidebar()">
 				<div class="menuIcon">
 					&#9776;
 				</div>
@@ -175,6 +175,7 @@ if (request.getSession() != null)
 						</div>
 						<% } %>					
 						<div id="levelListDiv">
+							<div id="sideMenuWrapper">
 							<% if(ModulePlan.isOpenFloor()) { %>
 								<li>
 									<a id="lessonList" href="javascript:;"><div class="menuButton"><fmt:message key="generic.text.lessons" /></div></a>
@@ -190,16 +191,16 @@ if (request.getSession() != null)
 								</li>
 							<% } else {
 								if(ModulePlan.isIncrementalFloor()){ %>
-									<div id="sideMenuWrapper">
-										<%= Getter.getIncrementalModules(ApplicationRoot, (String)ses.getAttribute("userStamp"), ses.getAttribute("lang").toString() ,csrfToken) %>
-									</div>
+										<%= Getter.getIncrementalModulesWithoutScript(ApplicationRoot, (String)ses.getAttribute("userStamp"), ses.getAttribute("lang").toString() ,csrfToken) %>
 								<% } else {%>
 								<li>
 									<%= Getter.getTournamentModules(ApplicationRoot, (String)ses.getAttribute("userStamp"), lang) %>
 								</li>
 								<% }
 							} //End of Module List Output %>
+							</div>
 						</div>
+						<div id="menuRefreshLoadingDiv"></div>
 						<div>
 							<input id="searchModules" class="moduleSearchBox" type="search" placeholder="<fmt:message key="generic.text.searchModules" />...">
 						</div>
@@ -207,17 +208,22 @@ if (request.getSession() != null)
 							<!-- Results from module search go here -->
 						</div> 
 						<script>
-							//Make list for module search box
-							console.log("Making Search List...");
-							var availableModules = [];
-							$(".lesson").each(function(index){
-								availableModules.push($(this).text());
-							}); //Make array out of available modules listed
-							console.log(availableModules.length + " modules added to search list");
-							$("#searchModules").autocomplete({
-								source: availableModules,
-								appendTo: "#searchResults"
-							});
+							function makeSearchList() {
+								//Make list for module search box
+								console.log("Making Search List...");
+								var availableModules = [];
+								$(".lesson").each(function(index){
+									availableModules.push($(this).text());
+								}); //Make array out of available modules listed
+								console.log(availableModules.length + " modules added to search list");
+								$("#searchModules").autocomplete({
+									source: availableModules,
+									appendTo: "#searchResults"
+								});
+							}
+							
+							//Make Search List
+							makeSearchList();
 							
 							$("#searchModules").on("autocompleteselect", function( event, ui ) {
 								var toOpen = ui.item.value
@@ -252,8 +258,14 @@ if (request.getSession() != null)
 			</div> <!-- End of Sidebar Wrapper -->
 		</div>
 		</div>
-		<script src="js/toggle.js"></script>
-		<script src="js/ajaxCalls.js"></script>
+		<script>
+		$("#contentDiv").load("getStarted.jsp", function(response, status, xhr) {
+			if (status == "error") {
+			var msg = "Sorry but there was an error: ";
+			$("#contentDiv").html("<p>" + msg + xhr.status + " " + xhr.statusText + "</p>");
+		  }
+		});
+		</script>
 		
 		<% //Hide UI Scripts from Users (Blocked at session level anyway, just stops spiders finding the links)
 		if (userRole.compareTo("admin") == 0){ %>
@@ -571,30 +583,85 @@ if (request.getSession() != null)
 		<% } %>
 		
 		<script>
-		<% if (!ModulePlan.isIncrementalFloor()) { 
-			// If the Incremental Floor Plan is being used, a Specific Script is added by the Method 
-			// which generates the Menu. If these are still in the dom when that happens, 
-			// the browser will request each level twice %>
-			$(".challenge").click(function(){
-				var whatFile = $(this).attr('id');
-				$("#currentModule").val(whatFile);
-				var theActualFile = "";
-				$("#solutionDiv").hide("fast");
-				$("#contentDiv").slideUp("slow", function(){
-					var ajaxCall = $.ajax({
-						type: "POST",
-						url: "getModule",
-						data: {
-							moduleId: whatFile,
-							csrfToken: "<%= csrfToken %>"
-						},
-						async: false
+			function applyMenuButtonActionsOpenOrTourney(theCsrfToken, theErrorMessage){
+				console.log("Applying Menu Actions For Open/Tourney");
+				
+				$(".challenge").click(function(){
+					var whatFile = $(this).attr('id');
+					$("#currentModule").val(whatFile);
+					var theActualFile = "";
+					$("#solutionDiv").hide("fast");
+					$("#contentDiv").slideUp("slow", function(){
+						var ajaxCall = $.ajax({
+							type: "POST",
+							url: "getModule",
+							data: {
+								moduleId: whatFile,
+								csrfToken: theCsrfToken
+							},
+							async: false
+						});
+						if(ajaxCall.status == 200)
+						{
+							theActualFile = ajaxCall.responseText;
+							$('#contentDiv').html("<iframe frameborder='no' class='levelIframe' id='theChallenge' src='" + theActualFile + "'></iframe>");
+							$("#theChallenge").load(function(){
+								<% if(showCheatSheet) { %>
+									$("#submitResult").slideDown("fast", function(){
+										$("#cheatSheetButton").slideDown("fast", function(){
+											$("#contentDiv").slideDown("slow", function(){
+												var scrollTo = $("#moduleResult").offset().top;
+												scrollTo = scrollTo - 60;
+												console.log("Scroll Up to: " + scrollTo);
+												$('html, body').animate({
+													scrollTop: scrollTo
+												}, 1000);
+											});
+										});
+									});
+								<% } else { %>
+									$("#submitResult").slideDown("fast", function(){
+										$("#contentDiv").slideDown("slow", function(){
+											var scrollTo = $("#moduleResult").offset().top;
+											scrollTo = scrollTo - 60;
+											console.log("Scroll Up to: " + scrollTo);
+											$('html, body').animate({
+												scrollTop: scrollTo
+											}, 1000);
+										});
+									});
+								<% } %>
+							}).appendTo('#contentDiv');
+							$("#theSidebarWrapper").height($("#contentDiv").height());
+						}
+						else
+						{
+							$('#contentDiv').html("<p> <fmt:message key="generic.text.sorryError" />: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+							$("#contentDiv").slideDown("slow");
+						}
 					});
-					if(ajaxCall.status == 200)
-					{
-						theActualFile = ajaxCall.responseText;
-						$('#contentDiv').html("<iframe frameborder='no' class='levelIframe' id='theChallenge' src='" + theActualFile + "'></iframe>");
-						$("#theChallenge").load(function(){
+				});	
+		
+				$(".lesson").click(function(){
+					var whatFile = $(this).attr('id');
+					$("#currentModule").val(whatFile);
+					var theActualFile = "";
+					$("#solutionDiv").hide("fast");
+					$("#contentDiv").slideUp("slow", function(){
+						var ajaxCall = $.ajax({
+							type: "POST",
+							url: "getModule",
+							data: {
+								moduleId: whatFile,
+								csrfToken: theCsrfToken
+							},
+							async: false
+						});
+						if(ajaxCall.status == 200)
+						{
+							theActualFile = ajaxCall.responseText;
+							$('#contentDiv').html("<iframe frameborder='no' class='levelIframe' id='theLesson' src='" + theActualFile + "'></iframe>");
+							$("#theLesson").load(function(){
 							<% if(showCheatSheet) { %>
 								$("#submitResult").slideDown("fast", function(){
 									$("#cheatSheetButton").slideDown("fast", function(){
@@ -620,71 +687,94 @@ if (request.getSession() != null)
 									});
 								});
 							<% } %>
-						}).appendTo('#contentDiv');
-					}
-					else
-					{
-						$('#contentDiv').html("<p> <fmt:message key="generic.text.sorryError" />: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
-						$("#contentDiv").slideDown("slow");
-					}
+							}).appendTo('#contentDiv');
+							$("#theSidebarWrapper").height($("#contentDiv").height());
+						}
+						else
+						{
+							$('#contentDiv').html("<p> <fmt:message key="generic.text.sorryError" />: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+							$("#contentDiv").slideDown("slow");
+						}
+					});
 				});
-			});	
-	
-			$(".lesson").click(function(){
-				var whatFile = $(this).attr('id');
-				$("#currentModule").val(whatFile);
-				var theActualFile = "";
-				$("#solutionDiv").hide("fast");
-				$("#contentDiv").slideUp("slow", function(){
-					var ajaxCall = $.ajax({
-						type: "POST",
-						url: "getModule",
-						data: {
-							moduleId: whatFile,
-							csrfToken: "<%= csrfToken %>"
-						},
+			}
+			
+			function applyMenuButtonActionsCtfMode(theCsrfToken, theErrorMessage){
+				console.log("Applying JS Functions to Incremental Menu Buttons");
+				
+				$("#completedList").click(function () {
+					$("#theCompletedList").toggle("slow");
+					$("#theUncompletedList").hide("fast");
+					$("#theAdminList").hide("fast");
+				});
+		
+				$("#uncompletedList").click(function () {
+					$("#theUncompletedList").toggle("slow");
+					$("#theCompletedList").hide("fast");
+					$("#theAdminList").hide("fast");
+				});
+		
+				$(".lesson").click(function(){
+					var whatFile = $(this).attr('id');	
+					$("#currentModule").val(whatFile);	
+					var theActualFile = "";	
+					$("#solutionDiv").hide("fast");	
+					$("#contentDiv").slideUp("slow", function(){
+						var ajaxCall = $.ajax({
+							type: "POST",
+							url: "getModule",
+							data: {
+								moduleId: whatFile,
+								csrfToken: theCsrfToken
+							},
 						async: false
+						});
+						if(ajaxCall.status == 200) {
+							theActualFile = ajaxCall.responseText;
+							$('#contentDiv').html("<iframe frameborder='no' class='levelIframe' id='theLesson' src='" + theActualFile + "'></iframe>");			
+							$("#theLesson").load(function(){
+								$("#submitResult").slideDown("fast", function(){
+									$("#contentDiv").slideDown("slow");
+								});
+							}).appendTo('#contentDiv');
+						} else {			
+							$('#contentDiv').html("<p> " + theErrorMessage + ": " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");			
+							$("#contentDiv").slideDown("slow");
+						}
 					});
+				});
+			}
+		<% if(ModulePlan.isIncrementalFloor()) { %>
+			applyMenuButtonActionsCtfMode('<%= encoder.encodeForHTML(csrfToken) %>', "<fmt:message key="generic.text.sorryError"/>");
+		<% } //End of if(CTF Mode Enabled) %>
+		<% if (!ModulePlan.isIncrementalFloor()) {%>
+			applyMenuButtonActionsOpenOrTourney('<%= encoder.encodeForHTML(csrfToken) %>', "<fmt:message key="generic.text.sorryError"/>");
+		<% } // End of Not CTF Mode If%>
+		//RefreshModuleFormScript
+		function refreshSideMenu(theCsrfToken, localErrorMessage){
+			$("#menuRefreshLoadingDiv").show("fast");
+			$("#sideMenuWrapper").slideUp("fast", function(){
+				var ajaxCall = $.ajax({
+					type: "POST",
+					url: "refreshMenu",
+					data: {
+						csrfToken: theCsrfToken
+					},
+					async: false
+				});
+				$("#menuRefreshLoadingDiv").slideUp("fast", function(){
 					if(ajaxCall.status == 200)
 					{
-						theActualFile = ajaxCall.responseText;
-						$('#contentDiv').html("<iframe frameborder='no' class='levelIframe' id='theLesson' src='" + theActualFile + "'></iframe>");
-						$("#theLesson").load(function(){
-						<% if(showCheatSheet) { %>
-							$("#submitResult").slideDown("fast", function(){
-								$("#cheatSheetButton").slideDown("fast", function(){
-									$("#contentDiv").slideDown("slow", function(){
-										var scrollTo = $("#moduleResult").offset().top;
-										scrollTo = scrollTo - 60;
-										console.log("Scroll Up to: " + scrollTo);
-										$('html, body').animate({
-											scrollTop: scrollTo
-										}, 1000);
-									});
-								});
-							});
-						<% } else { %>
-							$("#submitResult").slideDown("fast", function(){
-								$("#contentDiv").slideDown("slow", function(){
-									var scrollTo = $("#moduleResult").offset().top;
-									scrollTo = scrollTo - 60;
-									console.log("Scroll Up to: " + scrollTo);
-									$('html, body').animate({
-										scrollTop: scrollTo
-									}, 1000);
-								});
-							});
-						<% } %>
-						}).appendTo('#contentDiv');
+						$("#sideMenuWrapper").html(ajaxCall.responseText);
 					}
 					else
 					{
-						$('#contentDiv').html("<p> <fmt:message key="generic.text.sorryError" />: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
-						$("#contentDiv").slideDown("slow");
+						$("#sideMenuWrapper").append("<br/><font color='red'>" + localErrorMessage + ": " + ajaxCall.status + "</font>");
 					}
+					$('#sideMenuWrapper').slideDown('slow');
 				});
 			});
-		<% } //End of if(CTF Mode Enabled) %>
+		}
 
 		$("#resultForm").submit(function(){
 			var theKey = $("#moduleResult").val();
@@ -756,7 +846,40 @@ if (request.getSession() != null)
 		});
 		<% } %>
 		
-		<% if(ModulePlan.tornyFloor){%>
+		$(".successAlert").click(function(){
+			alert("successAlert click");
+			$(this).hide("slide", { direction: "left" }, 1000);
+		});
+
+		$(".errorAlert").click(function(){
+			$(this).hide("slide", { direction: "left" }, 1000);
+		});
+
+		function openFloorToggleFunctions() {
+			console.log("Enabling Open Floor Toggle Funtions");
+			
+			$("#lessonList").click(function () {
+				$("#theLessonList").toggle("slow");
+				$("#theChallengeList").hide("fast");
+				$("#theAdminList").hide("fast");
+			});   
+
+			$("#challengeList").click(function () {
+				$("#theChallengeList").toggle("slow");
+				$("#theLessonList").hide("fast");
+				$("#theAdminList").hide("fast");
+			});
+
+			$(".challengeHeader").click(function(){
+				$(".challengeList").hide("fast");
+				$(this).parent().find(".challengeList").show("slow");
+			});
+		}
+		openFloorToggleFunctions();
+		
+		function tournamentToggleFunctions() {
+			console.log("Enablig Tournament Toggle Functions");
+			
 			$("#fieldTrainingList").click(function () {
 				$("#theFieldTrainingList").toggle("slow");
 				$("#theCorporalList").hide("fast");
@@ -825,19 +948,42 @@ if (request.getSession() != null)
 				$("#theMajorList").hide("fast");
 				$("#thePrivateList").hide("fast");
 				$("#theLieutenantList").hide("fast");
-			}); 
-			
+			}); 	
+		}
+		
+		<% if(ModulePlan.tornyFloor) { %>
+			tournamentToggleFunctions();
 		<% } %>
+		
+		function resizeSidebar() {
+			//Make Sidebar as Long as Page
+			if($("#contentDiv").height() > 700) {
+				console.log("Updating Sidebar Length to " + $("#contentDiv").height());
+				$("#theSidebarWrapper").height($("#contentDiv").height());
+			} else{
+				console.log("Setting Sidebar to 130% because  " + $("#contentDiv").height() + "px is too short.");
+				$("#theSidebarWrapper").height("130%");
+			}
+		}
 		</script>
 		<script>
 			(function($){
 		        $(window).load(function(){
+		        	console.log("Initialising Custom Scrollbars (If Any)");
 		            $(".levelList").mCustomScrollbar({
 		            	theme:"dark-thin",
 		            	mouseWheel:{ scrollAmount: 120 }
 		            });
 		        });
 		    })(jQuery);
+			
+			function startScrollsBars(){
+				console.log("Initialising Custom Scrollbars Again (If Any)");
+				$(".levelList").mCustomScrollbar({
+	            	theme:"dark-thin",
+	            	mouseWheel:{ scrollAmount: 120 }
+	            });
+			}
 		</script>
 		<!-- <fmt:message key="generic.text.commentMessage.1" /> 
 		<fmt:message key="generic.text.commentMessage.2" /> 
diff --git a/SecurityShepherdCore/src/jsp/js/ajaxCalls.js b/SecurityShepherdCore/src/jsp/js/ajaxCalls.js
deleted file mode 100644
index 8eb834d3b..000000000
--- a/SecurityShepherdCore/src/jsp/js/ajaxCalls.js
+++ /dev/null
@@ -1,25 +0,0 @@
-/**
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- * 
- * @author Mark Denihan
- */
- 
-$("#contentDiv").load("getStarted.jsp", function(response, status, xhr) {
-	if (status == "error") {
-	var msg = "Sorry but there was an error: ";
-	$("#contentDiv").html("<p>" + msg + xhr.status + " " + xhr.statusText + "</p>");
-  }
-});
diff --git a/SecurityShepherdCore/src/jsp/js/clipboard-js/clipboard-events.js b/SecurityShepherdCore/src/jsp/js/clipboard-js/clipboard-events.js
new file mode 100644
index 000000000..1f7d1ceb5
--- /dev/null
+++ b/SecurityShepherdCore/src/jsp/js/clipboard-js/clipboard-events.js
@@ -0,0 +1,22 @@
+var clipboardDemos;
+
+function prepClipboardEvents() {
+	clipboardDemos = new Clipboard('[data-clipboard-shepherd]');
+
+	clipboardDemos.on('success', function(e) {
+	    e.clearSelection();
+	
+	    console.info('Action:', e.action);
+	    console.info('Text:', e.text);
+	    console.info('Trigger:', e.trigger);
+	
+	    showTooltip(e.trigger, 'Copied!');
+	});
+	
+	clipboardDemos.on('error', function(e) {
+	    console.error('Action:', e.action);
+	    console.error('Trigger:', e.trigger);
+	
+	    showTooltip(e.trigger, fallbackMessage(e.action));
+	});
+}
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/js/clipboard-js/clipboard.js b/SecurityShepherdCore/src/jsp/js/clipboard-js/clipboard.js
new file mode 100644
index 000000000..2f553defa
--- /dev/null
+++ b/SecurityShepherdCore/src/jsp/js/clipboard-js/clipboard.js
@@ -0,0 +1,614 @@
+(function(f){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=f()}else if(typeof define==="function"&&define.amd){define([],f)}else{var g;if(typeof window!=="undefined"){g=window}else if(typeof global!=="undefined"){g=global}else if(typeof self!=="undefined"){g=self}else{g=this}g.Clipboard = f()}})(function(){var define,module,exports;return (function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require=="function"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})({1:[function(require,module,exports){
+/**
+ * Module dependencies.
+ */
+
+var closest = require('closest')
+  , event = require('component-event');
+
+/**
+ * Delegate event `type` to `selector`
+ * and invoke `fn(e)`. A callback function
+ * is returned which may be passed to `.unbind()`.
+ *
+ * @param {Element} el
+ * @param {String} selector
+ * @param {String} type
+ * @param {Function} fn
+ * @param {Boolean} capture
+ * @return {Function}
+ * @api public
+ */
+
+// Some events don't bubble, so we want to bind to the capture phase instead
+// when delegating.
+var forceCaptureEvents = ['focus', 'blur'];
+
+exports.bind = function(el, selector, type, fn, capture){
+  if (forceCaptureEvents.indexOf(type) !== -1) capture = true;
+
+  return event.bind(el, type, function(e){
+    var target = e.target || e.srcElement;
+    e.delegateTarget = closest(target, selector, true, el);
+    if (e.delegateTarget) fn.call(el, e);
+  }, capture);
+};
+
+/**
+ * Unbind event `type`'s callback `fn`.
+ *
+ * @param {Element} el
+ * @param {String} type
+ * @param {Function} fn
+ * @param {Boolean} capture
+ * @api public
+ */
+
+exports.unbind = function(el, type, fn, capture){
+  if (forceCaptureEvents.indexOf(type) !== -1) capture = true;
+
+  event.unbind(el, type, fn, capture);
+};
+
+},{"closest":2,"component-event":4}],2:[function(require,module,exports){
+var matches = require('matches-selector')
+
+module.exports = function (element, selector, checkYoSelf) {
+  var parent = checkYoSelf ? element : element.parentNode
+
+  while (parent && parent !== document) {
+    if (matches(parent, selector)) return parent;
+    parent = parent.parentNode
+  }
+}
+
+},{"matches-selector":3}],3:[function(require,module,exports){
+
+/**
+ * Element prototype.
+ */
+
+var proto = Element.prototype;
+
+/**
+ * Vendor function.
+ */
+
+var vendor = proto.matchesSelector
+  || proto.webkitMatchesSelector
+  || proto.mozMatchesSelector
+  || proto.msMatchesSelector
+  || proto.oMatchesSelector;
+
+/**
+ * Expose `match()`.
+ */
+
+module.exports = match;
+
+/**
+ * Match `el` to `selector`.
+ *
+ * @param {Element} el
+ * @param {String} selector
+ * @return {Boolean}
+ * @api public
+ */
+
+function match(el, selector) {
+  if (vendor) return vendor.call(el, selector);
+  var nodes = el.parentNode.querySelectorAll(selector);
+  for (var i = 0; i < nodes.length; ++i) {
+    if (nodes[i] == el) return true;
+  }
+  return false;
+}
+},{}],4:[function(require,module,exports){
+var bind = window.addEventListener ? 'addEventListener' : 'attachEvent',
+    unbind = window.removeEventListener ? 'removeEventListener' : 'detachEvent',
+    prefix = bind !== 'addEventListener' ? 'on' : '';
+
+/**
+ * Bind `el` event `type` to `fn`.
+ *
+ * @param {Element} el
+ * @param {String} type
+ * @param {Function} fn
+ * @param {Boolean} capture
+ * @return {Function}
+ * @api public
+ */
+
+exports.bind = function(el, type, fn, capture){
+  el[bind](prefix + type, fn, capture || false);
+  return fn;
+};
+
+/**
+ * Unbind `el` event `type`'s callback `fn`.
+ *
+ * @param {Element} el
+ * @param {String} type
+ * @param {Function} fn
+ * @param {Boolean} capture
+ * @return {Function}
+ * @api public
+ */
+
+exports.unbind = function(el, type, fn, capture){
+  el[unbind](prefix + type, fn, capture || false);
+  return fn;
+};
+},{}],5:[function(require,module,exports){
+function E () {
+	// Keep this empty so it's easier to inherit from
+  // (via https://github.com/lipsmack from https://github.com/scottcorgan/tiny-emitter/issues/3)
+}
+
+E.prototype = {
+	on: function (name, callback, ctx) {
+    var e = this.e || (this.e = {});
+    
+    (e[name] || (e[name] = [])).push({
+      fn: callback,
+      ctx: ctx
+    });
+    
+    return this;
+  },
+
+  once: function (name, callback, ctx) {
+    var self = this;
+    var fn = function () {
+      self.off(name, fn);
+      callback.apply(ctx, arguments);
+    };
+    
+    return this.on(name, fn, ctx);
+  },
+
+  emit: function (name) {
+    var data = [].slice.call(arguments, 1);
+    var evtArr = ((this.e || (this.e = {}))[name] || []).slice();
+    var i = 0;
+    var len = evtArr.length;
+    
+    for (i; i < len; i++) {
+      evtArr[i].fn.apply(evtArr[i].ctx, data);
+    }
+    
+    return this;
+  },
+
+  off: function (name, callback) {
+    var e = this.e || (this.e = {});
+    var evts = e[name];
+    var liveEvents = [];
+    
+    if (evts && callback) {
+      for (var i = 0, len = evts.length; i < len; i++) {
+        if (evts[i].fn !== callback) liveEvents.push(evts[i]);
+      }
+    }
+    
+    // Remove event from queue to prevent memory leak
+    // Suggested by https://github.com/lazd
+    // Ref: https://github.com/scottcorgan/tiny-emitter/commit/c6ebfaa9bc973b33d110a84a307742b7cf94c953#commitcomment-5024910
+
+    (liveEvents.length) 
+      ? e[name] = liveEvents
+      : delete e[name];
+    
+    return this;
+  }
+};
+
+module.exports = E;
+
+},{}],6:[function(require,module,exports){
+/**
+ * Inner class which performs selection from either `text` or `target`
+ * properties and then executes copy or cut operations.
+ */
+'use strict';
+
+exports.__esModule = true;
+
+var _createClass = (function () { function defineProperties(target, props) { for (var i = 0; i < props.length; i++) { var descriptor = props[i]; descriptor.enumerable = descriptor.enumerable || false; descriptor.configurable = true; if ('value' in descriptor) descriptor.writable = true; Object.defineProperty(target, descriptor.key, descriptor); } } return function (Constructor, protoProps, staticProps) { if (protoProps) defineProperties(Constructor.prototype, protoProps); if (staticProps) defineProperties(Constructor, staticProps); return Constructor; }; })();
+
+function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError('Cannot call a class as a function'); } }
+
+var ClipboardAction = (function () {
+    /**
+     * @param {Object} options
+     */
+
+    function ClipboardAction(options) {
+        _classCallCheck(this, ClipboardAction);
+
+        this.resolveOptions(options);
+        this.initSelection();
+    }
+
+    /**
+     * Defines base properties passed from constructor.
+     * @param {Object} options
+     */
+
+    ClipboardAction.prototype.resolveOptions = function resolveOptions() {
+        var options = arguments.length <= 0 || arguments[0] === undefined ? {} : arguments[0];
+
+        this.action = options.action;
+        this.emitter = options.emitter;
+        this.target = options.target;
+        this.text = options.text;
+        this.trigger = options.trigger;
+
+        this.selectedText = '';
+    };
+
+    /**
+     * Decides which selection strategy is going to be applied based
+     * on the existence of `text` and `target` properties.
+     */
+
+    ClipboardAction.prototype.initSelection = function initSelection() {
+        if (this.text && this.target) {
+            throw new Error('Multiple attributes declared, use either "target" or "text"');
+        } else if (this.text) {
+            this.selectFake();
+        } else if (this.target) {
+            this.selectTarget();
+        } else {
+            throw new Error('Missing required attributes, use either "target" or "text"');
+        }
+    };
+
+    /**
+     * Creates a fake textarea element, sets its value from `text` property,
+     * and makes a selection on it.
+     */
+
+    ClipboardAction.prototype.selectFake = function selectFake() {
+        var _this = this;
+
+        this.removeFake();
+
+        this.fakeHandler = document.body.addEventListener('click', function () {
+            return _this.removeFake();
+        });
+
+        this.fakeElem = document.createElement('textarea');
+        this.fakeElem.style.position = 'absolute';
+        this.fakeElem.style.left = '-9999px';
+        this.fakeElem.style.top = (window.pageYOffset || document.documentElement.scrollTop) + 'px';
+        this.fakeElem.setAttribute('readonly', '');
+        this.fakeElem.value = this.text;
+        this.selectedText = this.text;
+
+        document.body.appendChild(this.fakeElem);
+
+        this.fakeElem.select();
+        this.copyText();
+    };
+
+    /**
+     * Only removes the fake element after another click event, that way
+     * an user can hit `Ctrl+C` to copy because selection still exists.
+     */
+
+    ClipboardAction.prototype.removeFake = function removeFake() {
+        if (this.fakeHandler) {
+            document.body.removeEventListener('click');
+            this.fakeHandler = null;
+        }
+
+        if (this.fakeElem) {
+            document.body.removeChild(this.fakeElem);
+            this.fakeElem = null;
+        }
+    };
+
+    /**
+     * Selects the content from element passed on `target` property.
+     */
+
+    ClipboardAction.prototype.selectTarget = function selectTarget() {
+        if (this.target.nodeName === 'INPUT' || this.target.nodeName === 'TEXTAREA') {
+            this.target.select();
+            this.selectedText = this.target.value;
+        } else {
+            var range = document.createRange();
+            var selection = window.getSelection();
+
+            range.selectNodeContents(this.target);
+            selection.addRange(range);
+            this.selectedText = selection.toString();
+        }
+
+        this.copyText();
+    };
+
+    /**
+     * Executes the copy operation based on the current selection.
+     */
+
+    ClipboardAction.prototype.copyText = function copyText() {
+        var succeeded = undefined;
+
+        try {
+            succeeded = document.execCommand(this.action);
+        } catch (err) {
+            succeeded = false;
+        }
+
+        this.handleResult(succeeded);
+    };
+
+    /**
+     * Fires an event based on the copy operation result.
+     * @param {Boolean} succeeded
+     */
+
+    ClipboardAction.prototype.handleResult = function handleResult(succeeded) {
+        if (succeeded) {
+            this.emitter.emit('success', {
+                action: this.action,
+                text: this.selectedText,
+                trigger: this.trigger,
+                clearSelection: this.clearSelection.bind(this)
+            });
+        } else {
+            this.emitter.emit('error', {
+                action: this.action,
+                trigger: this.trigger,
+                clearSelection: this.clearSelection.bind(this)
+            });
+        }
+    };
+
+    /**
+     * Removes current selection and focus from `target` element.
+     */
+
+    ClipboardAction.prototype.clearSelection = function clearSelection() {
+        if (this.target) {
+            this.target.blur();
+        }
+
+        window.getSelection().removeAllRanges();
+    };
+
+    /**
+     * Sets the `action` to be performed which can be either 'copy' or 'cut'.
+     * @param {String} action
+     */
+
+    /**
+     * Destroy lifecycle.
+     */
+
+    ClipboardAction.prototype.destroy = function destroy() {
+        this.removeFake();
+    };
+
+    _createClass(ClipboardAction, [{
+        key: 'action',
+        set: function set() {
+            var action = arguments.length <= 0 || arguments[0] === undefined ? 'copy' : arguments[0];
+
+            this._action = action;
+
+            if (this._action !== 'copy' && this._action !== 'cut') {
+                throw new Error('Invalid "action" value, use either "copy" or "cut"');
+            }
+        },
+
+        /**
+         * Gets the `action` property.
+         * @return {String}
+         */
+        get: function get() {
+            return this._action;
+        }
+
+        /**
+         * Sets the `target` property using an element
+         * that will be have its content copied.
+         * @param {Element} target
+         */
+    }, {
+        key: 'target',
+        set: function set(target) {
+            if (target !== undefined) {
+                if (target && typeof target === 'object' && target.nodeType === 1) {
+                    this._target = target;
+                } else {
+                    throw new Error('Invalid "target" value, use a valid Element');
+                }
+            }
+        },
+
+        /**
+         * Gets the `target` property.
+         * @return {String|HTMLElement}
+         */
+        get: function get() {
+            return this._target;
+        }
+    }]);
+
+    return ClipboardAction;
+})();
+
+exports['default'] = ClipboardAction;
+module.exports = exports['default'];
+
+},{}],7:[function(require,module,exports){
+'use strict';
+
+exports.__esModule = true;
+
+function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { 'default': obj }; }
+
+function _classCallCheck(instance, Constructor) { if (!(instance instanceof Constructor)) { throw new TypeError('Cannot call a class as a function'); } }
+
+function _inherits(subClass, superClass) { if (typeof superClass !== 'function' && superClass !== null) { throw new TypeError('Super expression must either be null or a function, not ' + typeof superClass); } subClass.prototype = Object.create(superClass && superClass.prototype, { constructor: { value: subClass, enumerable: false, writable: true, configurable: true } }); if (superClass) Object.setPrototypeOf ? Object.setPrototypeOf(subClass, superClass) : subClass.__proto__ = superClass; }
+
+var _clipboardAction = require('./clipboard-action');
+
+var _clipboardAction2 = _interopRequireDefault(_clipboardAction);
+
+var _delegateEvents = require('delegate-events');
+
+var _delegateEvents2 = _interopRequireDefault(_delegateEvents);
+
+var _tinyEmitter = require('tiny-emitter');
+
+var _tinyEmitter2 = _interopRequireDefault(_tinyEmitter);
+
+/**
+ * Base class which takes a selector, delegates a click event to it,
+ * and instantiates a new `ClipboardAction` on each click.
+ */
+
+var Clipboard = (function (_Emitter) {
+    _inherits(Clipboard, _Emitter);
+
+    /**
+     * @param {String} selector
+     * @param {Object} options
+     */
+
+    function Clipboard(selector, options) {
+        _classCallCheck(this, Clipboard);
+
+        _Emitter.call(this);
+
+        this.resolveOptions(options);
+        this.delegateClick(selector);
+    }
+
+    /**
+     * Helper function to retrieve attribute value.
+     * @param {String} suffix
+     * @param {Element} element
+     */
+
+    /**
+     * Defines if attributes would be resolved using internal setter functions
+     * or custom functions that were passed in the constructor.
+     * @param {Object} options
+     */
+
+    Clipboard.prototype.resolveOptions = function resolveOptions() {
+        var options = arguments.length <= 0 || arguments[0] === undefined ? {} : arguments[0];
+
+        this.action = typeof options.action === 'function' ? options.action : this.defaultAction;
+        this.target = typeof options.target === 'function' ? options.target : this.defaultTarget;
+        this.text = typeof options.text === 'function' ? options.text : this.defaultText;
+    };
+
+    /**
+     * Delegates a click event on the passed selector.
+     * @param {String} selector
+     */
+
+    Clipboard.prototype.delegateClick = function delegateClick(selector) {
+        var _this = this;
+
+        this.binding = _delegateEvents2['default'].bind(document.body, selector, 'click', function (e) {
+            return _this.onClick(e);
+        });
+    };
+
+    /**
+     * Undelegates a click event on body.
+     * @param {String} selector
+     */
+
+    Clipboard.prototype.undelegateClick = function undelegateClick() {
+        _delegateEvents2['default'].unbind(document.body, 'click', this.binding);
+    };
+
+    /**
+     * Defines a new `ClipboardAction` on each click event.
+     * @param {Event} e
+     */
+
+    Clipboard.prototype.onClick = function onClick(e) {
+        if (this.clipboardAction) {
+            this.clipboardAction = null;
+        }
+
+        this.clipboardAction = new _clipboardAction2['default']({
+            action: this.action(e.delegateTarget),
+            target: this.target(e.delegateTarget),
+            text: this.text(e.delegateTarget),
+            trigger: e.delegateTarget,
+            emitter: this
+        });
+    };
+
+    /**
+     * Default `action` lookup function.
+     * @param {Element} trigger
+     */
+
+    Clipboard.prototype.defaultAction = function defaultAction(trigger) {
+        return getAttributeValue('action', trigger);
+    };
+
+    /**
+     * Default `target` lookup function.
+     * @param {Element} trigger
+     */
+
+    Clipboard.prototype.defaultTarget = function defaultTarget(trigger) {
+        var selector = getAttributeValue('target', trigger);
+
+        if (selector) {
+            return document.querySelector(selector);
+        }
+    };
+
+    /**
+     * Default `text` lookup function.
+     * @param {Element} trigger
+     */
+
+    Clipboard.prototype.defaultText = function defaultText(trigger) {
+        return getAttributeValue('text', trigger);
+    };
+
+    /**
+     * Destroy lifecycle.
+     */
+
+    Clipboard.prototype.destroy = function destroy() {
+        this.undelegateClick();
+
+        if (this.clipboardAction) {
+            this.clipboardAction.destroy();
+            this.clipboardAction = null;
+        }
+    };
+
+    return Clipboard;
+})(_tinyEmitter2['default']);
+
+function getAttributeValue(suffix, element) {
+    var attribute = 'data-clipboard-' + suffix;
+
+    if (!element.hasAttribute(attribute)) {
+        return;
+    }
+
+    return element.getAttribute(attribute);
+}
+
+exports['default'] = Clipboard;
+module.exports = exports['default'];
+
+},{"./clipboard-action":6,"delegate-events":1,"tiny-emitter":5}]},{},[7])(7)
+});
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/js/clipboard-js/clipboard.min.js b/SecurityShepherdCore/src/jsp/js/clipboard-js/clipboard.min.js
new file mode 100644
index 000000000..aac7ce97e
--- /dev/null
+++ b/SecurityShepherdCore/src/jsp/js/clipboard-js/clipboard.min.js
@@ -0,0 +1 @@
+!function(a){if("object"==typeof exports&&"undefined"!=typeof module)module.exports=a();else if("function"==typeof define&&define.amd)define([],a);else{var b;b="undefined"!=typeof window?window:"undefined"!=typeof global?global:"undefined"!=typeof self?self:this,b.Clipboard=a()}}(function(){return function a(b,c,d){function e(g,h){if(!c[g]){if(!b[g]){var i="function"==typeof require&&require;if(!h&&i)return i(g,!0);if(f)return f(g,!0);var j=new Error("Cannot find module '"+g+"'");throw j.code="MODULE_NOT_FOUND",j}var k=c[g]={exports:{}};b[g][0].call(k.exports,function(a){var c=b[g][1][a];return e(c?c:a)},k,k.exports,a,b,c,d)}return c[g].exports}for(var f="function"==typeof require&&require,g=0;g<d.length;g++)e(d[g]);return e}({1:[function(a,b,c){var d=a("closest"),e=a("component-event"),f=["focus","blur"];c.bind=function(a,b,c,g,h){return-1!==f.indexOf(c)&&(h=!0),e.bind(a,c,function(c){var e=c.target||c.srcElement;c.delegateTarget=d(e,b,!0,a),c.delegateTarget&&g.call(a,c)},h)},c.unbind=function(a,b,c,d){-1!==f.indexOf(b)&&(d=!0),e.unbind(a,b,c,d)}},{closest:2,"component-event":4}],2:[function(a,b,c){var d=a("matches-selector");b.exports=function(a,b,c){for(var e=c?a:a.parentNode;e&&e!==document;){if(d(e,b))return e;e=e.parentNode}}},{"matches-selector":3}],3:[function(a,b,c){function d(a,b){if(f)return f.call(a,b);for(var c=a.parentNode.querySelectorAll(b),d=0;d<c.length;++d)if(c[d]==a)return!0;return!1}var e=Element.prototype,f=e.matchesSelector||e.webkitMatchesSelector||e.mozMatchesSelector||e.msMatchesSelector||e.oMatchesSelector;b.exports=d},{}],4:[function(a,b,c){var d=window.addEventListener?"addEventListener":"attachEvent",e=window.removeEventListener?"removeEventListener":"detachEvent",f="addEventListener"!==d?"on":"";c.bind=function(a,b,c,e){return a[d](f+b,c,e||!1),c},c.unbind=function(a,b,c,d){return a[e](f+b,c,d||!1),c}},{}],5:[function(a,b,c){function d(){}d.prototype={on:function(a,b,c){var d=this.e||(this.e={});return(d[a]||(d[a]=[])).push({fn:b,ctx:c}),this},once:function(a,b,c){var d=this,e=function(){d.off(a,e),b.apply(c,arguments)};return this.on(a,e,c)},emit:function(a){var b=[].slice.call(arguments,1),c=((this.e||(this.e={}))[a]||[]).slice(),d=0,e=c.length;for(d;e>d;d++)c[d].fn.apply(c[d].ctx,b);return this},off:function(a,b){var c=this.e||(this.e={}),d=c[a],e=[];if(d&&b)for(var f=0,g=d.length;g>f;f++)d[f].fn!==b&&e.push(d[f]);return e.length?c[a]=e:delete c[a],this}},b.exports=d},{}],6:[function(a,b,c){"use strict";function d(a,b){if(!(a instanceof b))throw new TypeError("Cannot call a class as a function")}c.__esModule=!0;var e=function(){function a(a,b){for(var c=0;c<b.length;c++){var d=b[c];d.enumerable=d.enumerable||!1,d.configurable=!0,"value"in d&&(d.writable=!0),Object.defineProperty(a,d.key,d)}}return function(b,c,d){return c&&a(b.prototype,c),d&&a(b,d),b}}(),f=function(){function a(b){d(this,a),this.resolveOptions(b),this.initSelection()}return a.prototype.resolveOptions=function(){var a=arguments.length<=0||void 0===arguments[0]?{}:arguments[0];this.action=a.action,this.emitter=a.emitter,this.target=a.target,this.text=a.text,this.trigger=a.trigger,this.selectedText=""},a.prototype.initSelection=function(){if(this.text&&this.target)throw new Error('Multiple attributes declared, use either "target" or "text"');if(this.text)this.selectFake();else{if(!this.target)throw new Error('Missing required attributes, use either "target" or "text"');this.selectTarget()}},a.prototype.selectFake=function(){var a=this;this.removeFake(),this.fakeHandler=document.body.addEventListener("click",function(){return a.removeFake()}),this.fakeElem=document.createElement("textarea"),this.fakeElem.style.position="absolute",this.fakeElem.style.left="-9999px",this.fakeElem.style.top=(window.pageYOffset||document.documentElement.scrollTop)+"px",this.fakeElem.setAttribute("readonly",""),this.fakeElem.value=this.text,this.selectedText=this.text,document.body.appendChild(this.fakeElem),this.fakeElem.select(),this.copyText()},a.prototype.removeFake=function(){this.fakeHandler&&(document.body.removeEventListener("click"),this.fakeHandler=null),this.fakeElem&&(document.body.removeChild(this.fakeElem),this.fakeElem=null)},a.prototype.selectTarget=function(){if("INPUT"===this.target.nodeName||"TEXTAREA"===this.target.nodeName)this.target.select(),this.selectedText=this.target.value;else{var a=document.createRange(),b=window.getSelection();a.selectNodeContents(this.target),b.addRange(a),this.selectedText=b.toString()}this.copyText()},a.prototype.copyText=function(){var a=void 0;try{a=document.execCommand(this.action)}catch(b){a=!1}this.handleResult(a)},a.prototype.handleResult=function(a){a?this.emitter.emit("success",{action:this.action,text:this.selectedText,trigger:this.trigger,clearSelection:this.clearSelection.bind(this)}):this.emitter.emit("error",{action:this.action,trigger:this.trigger,clearSelection:this.clearSelection.bind(this)})},a.prototype.clearSelection=function(){this.target&&this.target.blur(),window.getSelection().removeAllRanges()},a.prototype.destroy=function(){this.removeFake()},e(a,[{key:"action",set:function(){var a=arguments.length<=0||void 0===arguments[0]?"copy":arguments[0];if(this._action=a,"copy"!==this._action&&"cut"!==this._action)throw new Error('Invalid "action" value, use either "copy" or "cut"')},get:function(){return this._action}},{key:"target",set:function(a){if(void 0!==a){if(!a||"object"!=typeof a||1!==a.nodeType)throw new Error('Invalid "target" value, use a valid Element');this._target=a}},get:function(){return this._target}}]),a}();c["default"]=f,b.exports=c["default"]},{}],7:[function(a,b,c){"use strict";function d(a){return a&&a.__esModule?a:{"default":a}}function e(a,b){if(!(a instanceof b))throw new TypeError("Cannot call a class as a function")}function f(a,b){if("function"!=typeof b&&null!==b)throw new TypeError("Super expression must either be null or a function, not "+typeof b);a.prototype=Object.create(b&&b.prototype,{constructor:{value:a,enumerable:!1,writable:!0,configurable:!0}}),b&&(Object.setPrototypeOf?Object.setPrototypeOf(a,b):a.__proto__=b)}function g(a,b){var c="data-clipboard-"+a;if(b.hasAttribute(c))return b.getAttribute(c)}c.__esModule=!0;var h=a("./clipboard-action"),i=d(h),j=a("delegate-events"),k=d(j),l=a("tiny-emitter"),m=d(l),n=function(a){function b(c,d){e(this,b),a.call(this),this.resolveOptions(d),this.delegateClick(c)}return f(b,a),b.prototype.resolveOptions=function(){var a=arguments.length<=0||void 0===arguments[0]?{}:arguments[0];this.action="function"==typeof a.action?a.action:this.defaultAction,this.target="function"==typeof a.target?a.target:this.defaultTarget,this.text="function"==typeof a.text?a.text:this.defaultText},b.prototype.delegateClick=function(a){var b=this;this.binding=k["default"].bind(document.body,a,"click",function(a){return b.onClick(a)})},b.prototype.undelegateClick=function(){k["default"].unbind(document.body,"click",this.binding)},b.prototype.onClick=function(a){this.clipboardAction&&(this.clipboardAction=null),this.clipboardAction=new i["default"]({action:this.action(a.delegateTarget),target:this.target(a.delegateTarget),text:this.text(a.delegateTarget),trigger:a.delegateTarget,emitter:this})},b.prototype.defaultAction=function(a){return g("action",a)},b.prototype.defaultTarget=function(a){var b=g("target",a);return b?document.querySelector(b):void 0},b.prototype.defaultText=function(a){return g("text",a)},b.prototype.destroy=function(){this.undelegateClick(),this.clipboardAction&&(this.clipboardAction.destroy(),this.clipboardAction=null)},b}(m["default"]);c["default"]=n,b.exports=c["default"]},{"./clipboard-action":6,"delegate-events":1,"tiny-emitter":5}]},{},[7])(7)});
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/js/clipboard-js/clippy.svg b/SecurityShepherdCore/src/jsp/js/clipboard-js/clippy.svg
new file mode 100644
index 000000000..d9122d70e
--- /dev/null
+++ b/SecurityShepherdCore/src/jsp/js/clipboard-js/clippy.svg
@@ -0,0 +1,3 @@
+<svg height="1024" width="896" xmlns="http://www.w3.org/2000/svg">
+  <path d="M704 896h-640v-576h640v192h64v-320c0-35-29-64-64-64h-192c0-71-57-128-128-128s-128 57-128 128h-192c-35 0-64 29-64 64v704c0 35 29 64 64 64h640c35 0 64-29 64-64v-128h-64v128z m-512-704c29 0 29 0 64 0s64-29 64-64 29-64 64-64 64 29 64 64 32 64 64 64 33 0 64 0 64 29 64 64h-512c0-39 28-64 64-64z m-64 512h128v-64h-128v64z m448-128v-128l-256 192 256 192v-128h320v-128h-320z m-448 256h192v-64h-192v64z m320-448h-320v64h320v-64z m-192 128h-128v64h128v-64z" />
+</svg>
diff --git a/SecurityShepherdCore/src/jsp/js/clipboard-js/tooltips.js b/SecurityShepherdCore/src/jsp/js/clipboard-js/tooltips.js
new file mode 100644
index 000000000..0b445d838
--- /dev/null
+++ b/SecurityShepherdCore/src/jsp/js/clipboard-js/tooltips.js
@@ -0,0 +1,36 @@
+var btns;
+
+function prepTooltips(){
+	btns = document.querySelectorAll('.btn');
+	for (var i = 0; i < btns.length; i++) {
+	    btns[i].addEventListener('mouseleave', function(e) {
+	        e.currentTarget.setAttribute('class', 'btn');
+	        e.currentTarget.removeAttribute('aria-label');
+	    });
+	}
+}
+
+function showTooltip(elem, msg) {
+    elem.setAttribute('class', 'btn tooltipped');
+    elem.setAttribute('aria-label', msg);
+}
+
+// Simplistic detection, do not use it in production
+function fallbackMessage(action) {
+    var actionMsg = '';
+    var actionKey = (action === 'cut' ? 'X' : 'C');
+
+    if(/iPhone|iPad/i.test(navigator.userAgent)) {
+        actionMsg = 'No support :(';
+    }
+    else if (/Mac/i.test(navigator.userAgent)) {
+        actionMsg = 'Press ⌘-' + actionKey + ' to ' + action;
+    }
+    else {
+        actionMsg = 'Press Ctrl-' + actionKey + ' to ' + action;
+    }
+
+    return actionMsg;
+}
+
+//hljs.initHighlightingOnLoad();
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/js/toggle.js b/SecurityShepherdCore/src/jsp/js/toggle.js
deleted file mode 100644
index e04751b5a..000000000
--- a/SecurityShepherdCore/src/jsp/js/toggle.js
+++ /dev/null
@@ -1,25 +0,0 @@
-$("#lessonList").click(function () {
-	$("#theLessonList").toggle("slow");
-	$("#theChallengeList").hide("fast");
-	$("#theAdminList").hide("fast");
-});   
-
-$("#challengeList").click(function () {
-	$("#theChallengeList").toggle("slow");
-	$("#theLessonList").hide("fast");
-	$("#theAdminList").hide("fast");
-});
-
-$(".successAlert").click(function(){
-	alert("successAlert click");
-	$(this).hide("slide", { direction: "left" }, 1000);
-});
-
-$(".errorAlert").click(function(){
-	$(this).hide("slide", { direction: "left" }, 1000);
-});
-
-$(".challengeHeader").click(function(){
-	$(".challengeList").hide("fast");
-	$(this).parent().find(".challengeList").show("slow");
-});
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/lessons/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9.jsp b/SecurityShepherdCore/src/jsp/lessons/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9.jsp
index a713b3c82..574099a88 100644
--- a/SecurityShepherdCore/src/jsp/lessons/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/19753b944b63232812b7af1a0e0adb59928158da5994a39f584cb799f25a95b9.jsp
@@ -9,6 +9,7 @@
 	//Translation Stuff
 	Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
 	ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_reverse_engineering." + levelHash, locale);
+	ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
 	//Used more than once translations
 	String translatedLevelName = bundle.getString("title.question.m_reverse_engineering");
 	/**
@@ -30,9 +31,7 @@
 	 *
 	 * @author Sean Duggan
 	 */
-	//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-	String levelBlurb = "";
-	
+
 	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 	if (request.getSession() != null)
 	{
@@ -61,15 +60,16 @@
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%=translatedLevelName%></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"
-	media="screen" />
-
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%=translatedLevelName%></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
 		<h2 class="title"><%= translatedLevelName %></h2>
 		<p>
@@ -88,7 +88,7 @@
 			<%= bundle.getString("challenge.description") %>
 			<br/>
 			<br/>
-			<%= Analytics.getMobileLevelBlurb("ReverseEngineer.apk") %>
+			<%= mobile.getString("mobileBlurb.vmLink.1") + " ReverseEngineer.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 			<script>
 				$('#hideLesson').click(function(){
 					$("#lessonIntro").hide("slow", function(){
diff --git a/SecurityShepherdCore/src/jsp/lessons/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.jsp b/SecurityShepherdCore/src/jsp/lessons/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.jsp
index e94031c74..03c2abc97 100644
--- a/SecurityShepherdCore/src/jsp/lessons/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/392c20397c535845d93c32fd99b94f70afe9cca3f78c1e4766fee1cc08c035ec.jsp
@@ -9,6 +9,7 @@
 	//Translation Stuff
 	Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
 	ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_unintended_data_leakage." + levelHash, locale);
+	ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
 	//Used more than once translations
 	String translatedLevelName = bundle.getString("title.question.m_uninteded_data_leakage");
 	
@@ -55,15 +56,16 @@ if (request.getSession() != null)
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%= translatedLevelName %></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"
-	media="screen" />
-
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%= translatedLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
 		<p>
 			
@@ -98,7 +100,7 @@ if (request.getSession() != null)
 				<%= bundle.getString("challenge.description") %>
 				<br>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("UDataLeakage.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " UDataLeakage.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 			
 				<script>	
 					$('#hideLesson').click(function(){
diff --git a/SecurityShepherdCore/src/jsp/lessons/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.jsp b/SecurityShepherdCore/src/jsp/lessons/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.jsp
index 5eab90622..181d95c21 100644
--- a/SecurityShepherdCore/src/jsp/lessons/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39.jsp
@@ -7,12 +7,11 @@
 	String levelName = "Content Provider Leakage Lesson";
 	//Alphanumeric Only
 	String levelHash = "4d41997b5b81c88f7eb761c1975481c4ce397b80291d99307cfad69662277d39";
-	//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-	String levelBlurb = "";
 	
 	//Translation Stuff
 	Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
 	ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_content_provider_leakage." + levelHash, locale);
+	ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
 	//Used more than once translations
 	String translatedLevelName = bundle.getString("title.question.content_provider_leak");
 
@@ -58,14 +57,16 @@
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%= translatedLevelName %></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"	media="screen" />
-
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%= translatedLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
 		<h2 class="title"><%= translatedLevelName %></h2>
 		<p>
@@ -94,7 +95,7 @@
 		<%= bundle.getString("challenge.description") %>
 		<br/>
 		<br>
-		<%= Analytics.getMobileLevelBlurb("CProviderLeakage.apk") %>
+		<%= mobile.getString("mobileBlurb.vmLink.1") + " CProviderLeakage.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 		
 		<script>
 				
diff --git a/SecurityShepherdCore/src/jsp/lessons/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f.jsp b/SecurityShepherdCore/src/jsp/lessons/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f.jsp
index 50850bdc3..e8a81c0c4 100644
--- a/SecurityShepherdCore/src/jsp/lessons/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f.jsp
@@ -58,9 +58,13 @@ String translatedLevelName = bundle.getString("title.question.poor_data_validati
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/lessons/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.jsp b/SecurityShepherdCore/src/jsp/lessons/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.jsp
index 7226c5fc5..3c9b72e4c 100644
--- a/SecurityShepherdCore/src/jsp/lessons/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10ac8e.jsp
@@ -9,6 +9,7 @@ String levelHash = "77777b312d5b56a17c1f30550dd34e8d6bd8b037f05341e64e94f5411c10
 //Translation Stuff
 Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
 ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_poor_authentication." + levelHash, locale);
+ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
 //Used more than once translations
 String translatedLevelName = bundle.getString("title.question.m_poor_authentication");
 
@@ -55,21 +56,18 @@ if (request.getSession() != null)
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%= translatedLevelName %></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"
-	media="screen" />
-
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%= translatedLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
 		<p>
-			<%
-				/* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/
-			%>
-			
 			<h2 class="title"><%= translatedLevelName  %></h2>
 			<p> 
 				<div id="lessonIntro">
@@ -83,7 +81,7 @@ if (request.getSession() != null)
 				<br/>
 				<br>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("PoorAuthentication.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " PoorAuthentication.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 			</p>
 			<script>
 				$('#hideLesson').click(function(){
diff --git a/SecurityShepherdCore/src/jsp/lessons/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212.jsp b/SecurityShepherdCore/src/jsp/lessons/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212.jsp
index 93973827c..46a675fd5 100644
--- a/SecurityShepherdCore/src/jsp/lessons/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/911fa7f4232e096d6a74a0623842c4157e29b9bcc44e8a827be3bb7e58c9a212.jsp
@@ -9,6 +9,7 @@
 	//Translation Stuff
 	Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
 	ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_broken_crypto." + levelHash, locale);
+	ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
 	//Used more than once translations
 	String translatedLevelName = bundle.getString("title.question.mobile_broken_crypto");
 	
@@ -55,15 +56,16 @@
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%= translatedLevelName %></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"
-	media="screen" />
-
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%= translatedLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
 		<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
@@ -84,7 +86,7 @@
 				<%= bundle.getString("challenge.description") %>
 				<br/>
 				<br/>
-				<%= Analytics.getMobileLevelBlurb("BrokenCrypto.apk") %>
+				<%= mobile.getString("mobileBlurb.vmLink.1") + " BrokenCrypto.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 			</p>
 			<script>
 				$('#hideLesson').click(function(){
diff --git a/SecurityShepherdCore/src/jsp/lessons/adminOnly/resultKey.jsp b/SecurityShepherdCore/src/jsp/lessons/adminOnly/resultKey.jsp
index 9c93a97d5..a6c917540 100644
--- a/SecurityShepherdCore/src/jsp/lessons/adminOnly/resultKey.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/adminOnly/resultKey.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage="" %>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 <%
 String levelName = "Failure To Restrict URL Access Lesson Target";
@@ -30,7 +30,11 @@ if (request.getSession() != null)
 		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
 
 %>
-<html><body>
+<html><head></head><body>
+<script type="text/javascript" src="../js/jquery.js"></script>
+<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 <% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
 <br/>
 <br/>
diff --git a/SecurityShepherdCore/src/jsp/lessons/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806.jsp b/SecurityShepherdCore/src/jsp/lessons/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806.jsp
index 79a1c61b3..c9eedf584 100644
--- a/SecurityShepherdCore/src/jsp/lessons/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806.jsp
@@ -60,9 +60,13 @@ if (request.getSession() != null)
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/lessons/bf16081ed057b2d1bc97f4b9da897149819a159a8114d4867c7f8f327f5453a8.jsp b/SecurityShepherdCore/src/jsp/lessons/bf16081ed057b2d1bc97f4b9da897149819a159a8114d4867c7f8f327f5453a8.jsp
deleted file mode 100644
index b01a30a5f..000000000
--- a/SecurityShepherdCore/src/jsp/lessons/bf16081ed057b2d1bc97f4b9da897149819a159a8114d4867c7f8f327f5453a8.jsp
+++ /dev/null
@@ -1,93 +0,0 @@
-<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage=""%>
-<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
-
-<%
-//No Quotes In level Name
-String levelName = "What is Mobile Unintended Data Leakage?";
-//Alphanumeric Only
-String levelHash = "bf16081ed057b2d1bc97f4b9da897149819a159a8114d4867c7f8f327f5453a8";
-
-//Translation Stuff
-Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_uninteded_data_leak." + levelHash, locale);
-//Used more than once translations
-String translatedLevelName = bundle.getString("title.question.m_uninteded_data_leakage");
-
-/**
- * <br/><br/>
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- *
- * @author Sean Duggan
- */
- 
-//Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "";
-
-ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
-if (request.getSession() != null)
-{
-	HttpSession ses = request.getSession();
-	//Getting CSRF Token from client
-	Cookie tokenCookie = null;
-	try
-	{
-		tokenCookie = Validate.getToken(request.getCookies());
-	}
-	catch(Exception htmlE)
-	{
-		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
-	}
-	// validateSession ensures a valid session, and valid role credentials
-	// If tokenCookie == null, then the page is not going to continue loading
-	if (Validate.validateSession(ses) && tokenCookie != null)
-	{
-		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-
-%>
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= translatedLevelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
-	
-	</script> 
-</head>
-<body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
-		<div id="contentDiv">
-			<h2 class="title"><%= translatedLevelName %></h2>
-			<p> 
-				The App for this Challenge was rushed to completion, as a result some features which should not have made it to the final version were included. The result key can be found in <a>App logs</a> only intended for debugging. Submit it to complete this challenge. 
-				<br/>
-				<br/>
-				<%= Analytics.getMobileLevelBlurb("UDataLeakage1.apk") %> 
-			</p>
-		</div>
-		<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
-</body>
-</html>
-<%
-	}
-	else
-	{
-		response.sendRedirect("../loggedOutSheep.html");
-	}
-}
-else
-{
-	response.sendRedirect("../loggedOutSheep.html");
-}
-%>
\ No newline at end of file
diff --git a/SecurityShepherdCore/src/jsp/lessons/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594.jsp b/SecurityShepherdCore/src/jsp/lessons/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594.jsp
index 89c182c6a..5dcbbd46e 100644
--- a/SecurityShepherdCore/src/jsp/lessons/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594.jsp
@@ -1,4 +1,4 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage=""%>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*" errorPage=""%>
 <%@ page import="java.util.Locale, java.util.ResourceBundle"%>
 
 <%
@@ -58,9 +58,13 @@ String translatedLevelName = bundle.getString("title.question.sql_injection");
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/lessons/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f.jsp b/SecurityShepherdCore/src/jsp/lessons/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f.jsp
index 723dd221a..0ec01f67d 100644
--- a/SecurityShepherdCore/src/jsp/lessons/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/ecfad0a5d41f59e6bed7325f56576e1dc140393185afca8975fbd6822ebf392f.jsp
@@ -9,6 +9,7 @@
 	//Translation Stuff
 	Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
 	ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_insecure_data_storage." + levelHash, locale);
+	ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
 	//Used more than once translations
 	String translatedLevelName = bundle.getString("title.question.m_insecure_data_storeage");
 	
@@ -31,10 +32,6 @@
 	 *
 	 * @author Sean Duggan
 	 */
-	
-	//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-	String levelBlurb = "";
-
 	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 	if (request.getSession() != null)
 	{
@@ -57,15 +54,16 @@
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%= translatedLevelName %></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"
-	media="screen" />
-
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%= translatedLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
 		<h2 class="title"><%= translatedLevelName %></h2>
 		<p> 
@@ -92,7 +90,7 @@
 		
 		<br/>
 		<br/>
-		<%= Analytics.getMobileLevelBlurb("InsecureData.apk") %>
+		<%= mobile.getString("mobileBlurb.vmLink.1") + " InsecureData.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 		
 		<script>
 			
diff --git a/SecurityShepherdCore/src/jsp/lessons/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.jsp b/SecurityShepherdCore/src/jsp/lessons/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.jsp
index b9acfb0c8..73fa46612 100644
--- a/SecurityShepherdCore/src/jsp/lessons/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/ed4182af119d97728b2afca6da7cdbe270a9e9dd714065f0f775cd40dc296bc7.jsp
@@ -63,9 +63,13 @@ String translatedLevelName = bundle.getString("title.question.csrf");
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p>
diff --git a/SecurityShepherdCore/src/jsp/lessons/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.jsp b/SecurityShepherdCore/src/jsp/lessons/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.jsp
index 4f3fc8a8d..5c1b55a97 100644
--- a/SecurityShepherdCore/src/jsp/lessons/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f.jsp
@@ -6,10 +6,10 @@
 String levelName = new String("Unvalidated Redirects and Forwards Lesson");
 String levelHash = new String("f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f");
 //Translation Stuff
-	Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-	ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.unvalidated_redirects_forwards." + levelHash, locale);
-	//Used more than once translations
-	String translatedLevelName = bundle.getString("title.question.unvalidated_redirects_forwards");
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.unvalidated_redirects_forwards." + levelHash, locale);
+//Used more than once translations
+String translatedLevelName = bundle.getString("title.question.unvalidated_redirects_forwards");
 
 /**
  * This file is part of the Security Shepherd Project.
@@ -50,9 +50,9 @@ String levelHash = new String("f15f2766c971e16e68aa26043e6016a0a7f6879283c873d94
  		//This encoder should escape all output to prevent XSS attacks. This should be performed everywhere for safety
  		Encoder encoder = ESAPI.encoder();
  		String csrfToken = encoder.encodeForHTML(tokenCookie.getValue());
-	String hex = (String) ses.getAttribute("userName");
-	String tempId = new Integer(hex.getBytes().hashCode() + hex.substring(0, hex.length() / 2).hashCode()).toString();
-	ses.setAttribute("tempId", tempId);
+		String hex = (String) ses.getAttribute("userName");
+		String tempId = new Integer(hex.getBytes().hashCode() + hex.substring(0, hex.length() / 2).hashCode()).toString();
+		ses.setAttribute("tempId", tempId);
 %>
 
 <html xmlns="http://www.w3.org/1999/xhtml">
@@ -60,9 +60,13 @@ String levelHash = new String("f15f2766c971e16e68aa26043e6016a0a7f6879283c873d94
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p>
diff --git a/SecurityShepherdCore/src/jsp/lessons/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.jsp b/SecurityShepherdCore/src/jsp/lessons/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.jsp
index 7784559c6..e71a9d7e3 100644
--- a/SecurityShepherdCore/src/jsp/lessons/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/f758a97011ec4452cc0707e546a7c0f68abc6ef2ab747ea87e0892767152eae1.jsp
@@ -10,11 +10,9 @@
 	//Translation Stuff
 	Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
 	ResourceBundle bundle = ResourceBundle.getBundle("i18n.lessons.m_client_side_injection." + levelHash, locale);
+	ResourceBundle mobile = ResourceBundle.getBundle("i18n.moduleGenerics.mobileGenericStrings", locale);
 	//Used more than once translations
 	String translatedLevelName = bundle.getString("title.question.csi");
-	
-	//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-	String levelBlurb = "";
 
 	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
 	if (request.getSession() != null)
@@ -58,14 +56,16 @@
 %>
 <html xmlns="http://www.w3.org/1999/xhtml">
 <head>
-<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-<title>Security Shepherd - <%= translatedLevelName %></title>
-<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css"	media="screen" />
-
-</script>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%= translatedLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 	<div id="contentDiv">
 		<h2 class="title"><%= translatedLevelName %></h2>
 		<p>
@@ -89,7 +89,7 @@
 		 <%= bundle.getString("challenge.description") %>
 		<br/>
 		<br>
-		<%= Analytics.getMobileLevelBlurb("CSInjection.apk") %>
+		<%= mobile.getString("mobileBlurb.vmLink.1") + " CSInjection.apk " + mobile.getString("mobileBlurb.vmLink.2") %>
 		
 		<script>
 				
diff --git a/SecurityShepherdCore/src/jsp/lessons/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100.jsp b/SecurityShepherdCore/src/jsp/lessons/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100.jsp
index b801b2ee9..8bbb1a4bc 100644
--- a/SecurityShepherdCore/src/jsp/lessons/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100.jsp
@@ -58,9 +58,13 @@ String translatedLevelName = bundle.getString("title.quesetion.insecure_direct_o
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p>
diff --git a/SecurityShepherdCore/src/jsp/lessons/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833.jsp b/SecurityShepherdCore/src/jsp/lessons/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833.jsp
index e0bdbe110..8005ba939 100644
--- a/SecurityShepherdCore/src/jsp/lessons/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833.jsp
@@ -58,9 +58,13 @@ String translatedLevelName = bundle.getString("title.question.security_misconfig
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/lessons/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2.jsp b/SecurityShepherdCore/src/jsp/lessons/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2.jsp
index d881daaa6..ed474f215 100644
--- a/SecurityShepherdCore/src/jsp/lessons/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2.jsp
@@ -56,9 +56,13 @@ String translatedLevelName = bundle.getString("title.question.insecure_crypto");
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
diff --git a/SecurityShepherdCore/src/jsp/lessons/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.jsp b/SecurityShepherdCore/src/jsp/lessons/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.jsp
index 9e2406787..30d7037a1 100644
--- a/SecurityShepherdCore/src/jsp/lessons/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/oed23498d53ad1d965a589e257d8366d74eb52ef955e103c813b592dba0477e3.jsp
@@ -58,9 +58,13 @@ String translatedLevelName = bundle.getString("title.question.fail_restrict_url_
 	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
 	<title>Security Shepherd - <%= translatedLevelName %></title>
 	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p>
diff --git a/SecurityShepherdCore/src/jsp/lessons/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.jsp b/SecurityShepherdCore/src/jsp/lessons/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.jsp
index 5f41cac97..42be90457 100644
--- a/SecurityShepherdCore/src/jsp/lessons/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.jsp
+++ b/SecurityShepherdCore/src/jsp/lessons/zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a.jsp
@@ -62,6 +62,9 @@ if (request.getSession() != null)
 </head>
 <body>
 	<script type="text/javascript" src="../js/jquery.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard.min.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/tooltips.js"></script>
+	<script type="text/javascript" src="../js/clipboard-js/clipboard-events.js"></script>
 		<div id="contentDiv">
 			<h2 class="title"><%= translatedLevelName %></h2>
 			<p> 
@@ -93,7 +96,7 @@ if (request.getSession() != null)
 						<%= bundle.getString("paragraph.info.searchTerm") %>
 					</td></tr>
 					<tr><td>
-						<input style="width: 400px;" id="searchTerm" type="text"/>
+						<input style="width: 400px;" id="searchTerm" type="text" autocomplete="off"/>
 					</td></tr>
 					<tr><td>
 						<div id="submitButton"><input type="submit" value="<%= bundle.getString("button.getUser") %>"/></div>
diff --git a/SecurityShepherdCore/src/jsp/login.jsp b/SecurityShepherdCore/src/jsp/login.jsp
index ee2388edd..ce069f3b7 100644
--- a/SecurityShepherdCore/src/jsp/login.jsp
+++ b/SecurityShepherdCore/src/jsp/login.jsp
@@ -124,7 +124,7 @@ if(ses.getAttribute("loginFailed") != null)
 			<div id="aboutDiv" style="display: none;">
 			<h2 class="title"><fmt:message key="generic.text.aboutSecShep" /></h2>
 			<p id="about_shepherd_blurb"><fmt:message key="login.text.about_blurb" /></p>
-			<%= Analytics.sponsorshipMessage %>
+			<%= Analytics.sponsorshipMessage(new Locale(Validate.validateLanguage(request.getSession()))) %>
 			</div>
 		</div>
 		<!-- end content -->
diff --git a/SecurityShepherdCore/src/jsp/mobileLevelTemplate.jsp b/SecurityShepherdCore/src/jsp/mobileLevelTemplate.jsp
index ee1e1e044..ac6d75cd1 100644
--- a/SecurityShepherdCore/src/jsp/mobileLevelTemplate.jsp
+++ b/SecurityShepherdCore/src/jsp/mobileLevelTemplate.jsp
@@ -1,126 +1,126 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
-<%
-
-//No Quotes or HTML In level Name
-String levelName = "levelName";
-//Alphanumeric Only
-String levelHash = "levelHash";
-//Level blurb can be writen here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "Download the file and play with it to extract the key for this level!";
-
-try
-{
-	if (request.getSession() != null)
-	{
-		HttpSession ses = request.getSession();
-		String userName = (String) ses.getAttribute("decyrptedUserName");
-		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + userName, ses.getAttribute("userName"));
-	}
-}
-catch (Exception e)
-{
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed");
-	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not recover username: " + e.toString());
-}
-/**
- * <br/><br/>
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- *
- * @author Sean Duggan
- */
-%>
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
-	
-	</script> 
-</head>
-<body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
-		<div id="contentDiv">
-			<h2 class="title"><%= levelName %>template</h2>
-			<p> 
-				<% /* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/ %>
-				
-				<%= levelBlurb %>
-				
-				<%= Analytics.sourceForgeMobileVmLinkBlurb %>
-				<br/>
-					
-				<br/>
-				<% /* IF you need a form - Present it like this */ %>
-				<%
-				/*
-				<br />
-				<br />
-				<form id="leForm" action="javascript:;">
-					<table>
-					<tr><td>			
-						<div id="submitButton">
-						<input type="submit" value="Get Info"/></div>
-						<p style="display: none;" id="loadingSign">Loading...</p>
-						<div style="display: none;" id="hintButton"><input type="button" value="Would you like a hint?" id="theHintButton"/></div>
-					</td></tr>
-					</table>
-				</form>
-				
-				<div id="resultsDiv"></div>
-				*/
-				%>
-			</p>
-		</div>
-		<% /*If you need to call the Server Do it like this */ %>
-		<%
-		/*
-		<script>
-			$("#leForm").submit(function(){
-				var theVariableName = $("#variableName").val();
-				var theSecondVariableName = $("#secondVariableName").val();
-				$("#submitButton").hide("fast");
-				$("#loadingSign").show("slow");
-				$("#resultsDiv").hide("slow", function(){
-					var ajaxCall = $.ajax({
-						type: "POST",
-						url: "<ChangeThis= levelHash ChangeThis>",
-						data: {
-							variableName: theVariableName, 
-							secondVariableName: theSecondVariableName
-						},
-						async: false
-					});
-					if(ajaxCall.status == 200)
-					{
-						$("#resultsDiv").html(ajaxCall.responseText);
-					}
-					else
-					{
-						$("#resultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
-					}
-					$("#resultsDiv").show("slow", function(){
-						$("#loadingSign").hide("fast", function(){
-							$("#submitButton").show("slow");
-						});
-					});
-				});
-			});
-		</script>
-		*/
-		%>
-		<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
-</body>
-</html>
\ No newline at end of file
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*, org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
+<%
+
+//MUST be in English and no Quotes In level Name
+String levelName = "Level Name";
+//Alphanumeric Only
+String levelHash = "Level Hash";
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n." + levelHash, locale);
+//Used more than once translations
+String i18nLevelName = bundle.getString("title.");
+try
+{
+	if (request.getSession() != null)
+	{
+		HttpSession ses = request.getSession();
+		String userName = (String) ses.getAttribute("decyrptedUserName");
+		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + userName, ses.getAttribute("userName"));
+	}
+}
+catch (Exception e)
+{
+	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed");
+	ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), "Could not recover username: " + e.toString());
+}
+/**
+ * <br/><br/>
+ * This file is part of the Security Shepherd Project.
+ * 
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.<br/>
+ * 
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.<br/>
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
+ *
+ * @author Sean Duggan
+ */
+%>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%= i18nLevelName %></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+	
+	</script> 
+</head>
+<body>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+		<div id="contentDiv">
+			<h2 class="title"><%= i18nLevelName %>template</h2>
+			<p> 
+				
+				<%= bundle.getString("paragraph.info.1") %>
+				<br/>
+					
+				<br/>
+				<% /* IF you need a form - Present it like this */ %>
+				<%
+				/*
+				<br />
+				<br />
+				<form id="leForm" action="javascript:;">
+					<table>
+					<tr><td>			
+						<div id="submitButton">
+						<input type="submit" value="Get Info"/></div>
+						<p style="display: none;" id="loadingSign">Loading...</p>
+						<div style="display: none;" id="hintButton"><input type="button" value="Would you like a hint?" id="theHintButton"/></div>
+					</td></tr>
+					</table>
+				</form>
+				
+				<div id="resultsDiv"></div>
+				*/
+				%>
+			</p>
+		</div>
+		<% /*If you need to call the Server Do it like this */ %>
+		<%
+		/*
+		<script>
+			$("#leForm").submit(function(){
+				var theVariableName = $("#variableName").val();
+				var theSecondVariableName = $("#secondVariableName").val();
+				$("#submitButton").hide("fast");
+				$("#loadingSign").show("slow");
+				$("#resultsDiv").hide("slow", function(){
+					var ajaxCall = $.ajax({
+						type: "POST",
+						url: "<ChangeThis= levelHash ChangeThis>",
+						data: {
+							variableName: theVariableName, 
+							secondVariableName: theSecondVariableName
+						},
+						async: false
+					});
+					if(ajaxCall.status == 200)
+					{
+						$("#resultsDiv").html(ajaxCall.responseText);
+					}
+					else
+					{
+						$("#resultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+					}
+					$("#resultsDiv").show("slow", function(){
+						$("#loadingSign").hide("fast", function(){
+							$("#submitButton").show("slow");
+						});
+					});
+				});
+			});
+		</script>
+		*/
+		%>
+		<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
+</body>
+</html>
diff --git a/SecurityShepherdCore/src/jsp/readyToPlay.jsp b/SecurityShepherdCore/src/jsp/readyToPlay.jsp
index b91029d3a..cacd251e9 100644
--- a/SecurityShepherdCore/src/jsp/readyToPlay.jsp
+++ b/SecurityShepherdCore/src/jsp/readyToPlay.jsp
@@ -75,7 +75,7 @@
 			<h2 class="title"><fmt:message key="readyToPlay.title.enteredGame" /></h2>
 			<p> <fmt:message key="readyToPlay.text.info.enteredGame" /> </p>
 			<% } %>
-			<%= Analytics.sponsorshipMessage %>
+			<%= Analytics.sponsorshipMessage(new Locale(Validate.validateLanguage(request.getSession()))) %>
 			<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
 		</div>
 </body>
diff --git a/SecurityShepherdCore/src/jsp/translation-select.jsp b/SecurityShepherdCore/src/jsp/translation-select.jsp
index 730f4a1fb..64f412311 100644
--- a/SecurityShepherdCore/src/jsp/translation-select.jsp
+++ b/SecurityShepherdCore/src/jsp/translation-select.jsp
@@ -7,5 +7,6 @@
 					<option value="pt" ${lang == 'pt' ? 'selected' : ''}>Português</option>					
 					<option value="ga" ${lang == 'ga' ? 'selected' : ''}>Gaeilge</option>
 					<option value="zh" ${lang == 'zh' ? 'selected' : ''}>中文</option>
+					<option value="hi" ${lang == 'hi' ? 'selected' : ''}>Hindi(Hinglish)</option>
 				</select>
 			</form>
diff --git a/SecurityShepherdCore/src/jsp/webLevelTemplate.jsp b/SecurityShepherdCore/src/jsp/webLevelTemplate.jsp
index b3d49cdf9..3b30b4e9d 100644
--- a/SecurityShepherdCore/src/jsp/webLevelTemplate.jsp
+++ b/SecurityShepherdCore/src/jsp/webLevelTemplate.jsp
@@ -1,140 +1,142 @@
-<%@ page contentType="text/html; charset=iso-8859-1" language="java" import="utils.*" errorPage="" %>
-<%
-/**
- * <br/><br/>
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- *
- * @author Your Name
- */
-
-//No Quotes In level Name
-String levelName = "Level Name";
-//Alphanumeric Only
-String levelHash = "Level Hash";
-//Level blurb can be written here in HTML OR go into the HTML body and write it there. Nobody will update this but you
-String levelBlurb = "Tell the player what to do here";
-
-ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
-if (request.getSession() != null)
-{
-	HttpSession ses = request.getSession();
-	//Getting CSRF Token from client
-	Cookie tokenCookie = null;
-	try
-	{
-		tokenCookie = Validate.getToken(request.getCookies());
-	}
-	catch(Exception htmlE)
-	{
-		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
-	}
-	// validateSession ensures a valid session, and valid role credentials
-	// If tokenCookie == null, then the page is not going to continue loading
-	if (Validate.validateSession(ses) && tokenCookie != null)
-	{
-		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
-
-%>
-<html xmlns="http://www.w3.org/1999/xhtml">
-<head>
-	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
-	<title>Security Shepherd - <%= levelName %></title>
-	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
-</head>
-<body>
-	<script type="text/javascript" src="../js/jquery.js"></script>
-		<div id="contentDiv">
-			<h2 class="title"><%= levelName %></h2>
-			<p> 
-				<% /* Put Your Blurb Here Instead of the following scriptlet. Not this comment Bren. Jeesh*/ %>
-				
-				<%= levelBlurb %>
-				<br/>
-				<br/>
-				<a href="<%=levelHash%>/DownloadMe.zip">Download Me</a>
-				<% /* IF you need a form - Present it like this */ %>
-				<%
-				/*
-				<br />
-				<br />
-				<form id="leForm" action="javascript:;">
-					<table>
-					<tr><td>			
-						<div id="submitButton">
-						<input type="submit" value="Get Info"/></div>
-						<p style="display: none;" id="loadingSign">Loading...</p>
-						<div style="display: none;" id="hintButton"><input type="button" value="Would you like a hint?" id="theHintButton"/></div>
-					</td></tr>
-					</table>
-				</form>
-				
-				<div id="resultsDiv"></div>
-				*/
-				%>
-			</p>
-		</div>
-		<% /*If you need to call the Server Do it like this */ %>
-		<%
-		/*
-		<script>
-			$("#leForm").submit(function(){
-				var theVariableName = $("#variableName").val();
-				var theSecondVariableName = $("#secondVariableName").val();
-				$("#submitButton").hide("fast");
-				$("#loadingSign").show("slow");
-				$("#resultsDiv").hide("slow", function(){
-					var ajaxCall = $.ajax({
-						type: "POST",
-						url: "<ChangeThis= levelHash ChangeThis>",
-						data: {
-							variableName: theVariableName, 
-							secondVariableName: theSecondVariableName
-						},
-						async: false
-					});
-					if(ajaxCall.status == 200)
-					{
-						$("#resultsDiv").html(ajaxCall.responseText);
-					}
-					else
-					{
-						$("#resultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
-					}
-					$("#resultsDiv").show("slow", function(){
-						$("#loadingSign").hide("fast", function(){
-							$("#submitButton").show("slow");
-						});
-					});
-				});
-			});
-		</script>
-		*/
-		%>
-		<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
-</body>
-</html>
-<%
-	}
-	else
-	{
-		response.sendRedirect("../loggedOutSheep.html");
-	}
-}
-else
-{
-	response.sendRedirect("../loggedOutSheep.html");
-}
-%>
+<%@ page contentType="text/html; charset=UTF-8" pageEncoding="UTF-8" language="java" import="utils.*, org.owasp.esapi.ESAPI, org.owasp.esapi.Encoder" errorPage=""%>
+<%@ page import="java.util.Locale, java.util.ResourceBundle"%>
+<%
+/**
+ * <br/><br/>
+ * This file is part of the Security Shepherd Project.
+ * 
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.<br/>
+ * 
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.<br/>
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
+ *
+ * @author Your Name
+ */
+
+//MUST be in English and no Quotes In level Name
+String levelName = "Level Name";
+//Alphanumeric Only
+String levelHash = "Level Hash";
+//Translation Stuff
+Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+ResourceBundle bundle = ResourceBundle.getBundle("i18n." + levelHash, locale);
+//Used more than once translations
+String i18nLevelName = bundle.getString("title.");
+
+ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " Accessed");
+if (request.getSession() != null)
+{
+	HttpSession ses = request.getSession();
+	//Getting CSRF Token from client
+	Cookie tokenCookie = null;
+	try
+	{
+		tokenCookie = Validate.getToken(request.getCookies());
+	}
+	catch(Exception htmlE)
+	{
+		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName +".jsp: tokenCookie Error:" + htmlE.toString());
+	}
+	// validateSession ensures a valid session, and valid role credentials
+	// If tokenCookie == null, then the page is not going to continue loading
+	if (Validate.validateSession(ses) && tokenCookie != null)
+	{
+		ShepherdLogManager.logEvent(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), levelName + " has been accessed by " + ses.getAttribute("userName").toString(), ses.getAttribute("userName"));
+
+%>
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+	<meta http-equiv="content-type" content="text/html; charset=utf-8" />
+	<title>Security Shepherd - <%=i18nLevelName%></title>
+	<link href="../css/lessonCss/theCss.css" rel="stylesheet" type="text/css" media="screen" />
+</head>
+<body>
+	<script type="text/javascript" src="../js/jquery.js"></script>
+		<div id="contentDiv">
+			<h2 class="title"><%= i18nLevelName %></h2>
+			<p> 
+				<%= bundle.getString("paragraph.info.1") %>
+				<br/>
+				<br/>
+				<a href="<%=levelHash%>/DownloadMe.zip">Download Me</a>
+				<% /* IF you need a form - Present it like this */ %>
+				<%
+				/*
+				<br />
+				<br />
+				<form id="leForm" action="javascript:;">
+					<table>
+					<tr><td>			
+						<div id="submitButton">
+						<input type="submit" value="Get Info"/></div>
+						<p style="display: none;" id="loadingSign">Loading...</p>
+						<div style="display: none;" id="hintButton"><input type="button" value="Would you like a hint?" id="theHintButton"/></div>
+					</td></tr>
+					</table>
+				</form>
+				
+				<div id="resultsDiv"></div>
+				*/
+				%>
+			</p>
+		</div>
+		<% /*If you need to call the Server Do it like this */ %>
+		<%
+		/*
+		<script>
+			$("#leForm").submit(function(){
+				var theVariableName = $("#variableName").val();
+				var theSecondVariableName = $("#secondVariableName").val();
+				$("#submitButton").hide("fast");
+				$("#loadingSign").show("slow");
+				$("#resultsDiv").hide("slow", function(){
+					var ajaxCall = $.ajax({
+						type: "POST",
+						url: "<ChangeThis= levelHash ChangeThis>",
+						data: {
+							variableName: theVariableName, 
+							secondVariableName: theSecondVariableName
+						},
+						async: false
+					});
+					if(ajaxCall.status == 200)
+					{
+						$("#resultsDiv").html(ajaxCall.responseText);
+					}
+					else
+					{
+						$("#resultsDiv").html("<p> An Error Occurred: " + ajaxCall.status + " " + ajaxCall.statusText + "</p>");
+					}
+					$("#resultsDiv").show("slow", function(){
+						$("#loadingSign").hide("fast", function(){
+							$("#submitButton").show("slow");
+						});
+					});
+				});
+			});
+		</script>
+		*/
+		%>
+		<% if(Analytics.googleAnalyticsOn) { %><%= Analytics.googleAnalyticsScript %><% } %>
+</body>
+</html>
+<%
+	}
+	else
+	{
+		response.sendRedirect("../loggedOutSheep.html");
+	}
+}
+else
+{
+	response.sendRedirect("../loggedOutSheep.html");
+}
+%>
diff --git a/SecurityShepherdCore/src/servlets/ChangePassword.java b/SecurityShepherdCore/src/servlets/ChangePassword.java
index 1f771c60c..f8e9ba7c1 100644
--- a/SecurityShepherdCore/src/servlets/ChangePassword.java
+++ b/SecurityShepherdCore/src/servlets/ChangePassword.java
@@ -72,15 +72,13 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					String passwordConfirm = (String) request.getParameter("passwordConfirmation");
 					String ApplicationRoot = getServletContext().getRealPath("");
 					
-					log.debug("Validating Parameters");
 					boolean validData = false;
 					boolean passwordChange = false;
 					boolean validPassword = false;
 					validData = newPassword.equalsIgnoreCase(passwordConfirm) && !newPassword.isEmpty() && newPassword != null;
 					passwordChange = !currentPassword.equalsIgnoreCase(newPassword);
 					validPassword = newPassword.length() > 4 && newPassword.length() <= 512;
-					boolean isUserLocked = !Getter.isUserLocked(ApplicationRoot, userName);
-					if(validData && passwordChange && isUserLocked && validPassword)
+					if(validData && passwordChange && validPassword)
 					{
 						log.debug("Validating Current Password");
 						String user[] = Getter.authUser(ApplicationRoot, userName, currentPassword);
diff --git a/SecurityShepherdCore/src/servlets/GetJsonScore.java b/SecurityShepherdCore/src/servlets/GetJsonScore.java
index 09f213d19..e871630d9 100644
--- a/SecurityShepherdCore/src/servlets/GetJsonScore.java
+++ b/SecurityShepherdCore/src/servlets/GetJsonScore.java
@@ -78,7 +78,10 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					else
 					{
 						//User should get their class scoreboard
-						scoreboardClass = ses.getAttribute("userClass").toString();
+						if(ses.getAttribute("userClass") != null)
+							scoreboardClass = ses.getAttribute("userClass").toString();
+						else
+							scoreboardClass = new String();
 					}
 				}
 				else
diff --git a/SecurityShepherdCore/src/servlets/MobileLogin.java b/SecurityShepherdCore/src/servlets/MobileLogin.java
index 884ef5b73..c45b33e21 100644
--- a/SecurityShepherdCore/src/servlets/MobileLogin.java
+++ b/SecurityShepherdCore/src/servlets/MobileLogin.java
@@ -48,6 +48,7 @@ public class MobileLogin extends HttpServlet
 	 * @param login User's User Name
 	 * @param pwd User's Password		
 	 */
+	@SuppressWarnings("unchecked")
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
     throws ServletException, IOException
     {
diff --git a/SecurityShepherdCore/src/servlets/admin/config/EnableScoreboard.java b/SecurityShepherdCore/src/servlets/admin/config/EnableScoreboard.java
index 75e52b02e..8431be1fd 100644
--- a/SecurityShepherdCore/src/servlets/admin/config/EnableScoreboard.java
+++ b/SecurityShepherdCore/src/servlets/admin/config/EnableScoreboard.java
@@ -109,18 +109,26 @@ else if (classId.equalsIgnoreCase("classSpecific"))
 					{
 						log.debug(scoreboardMessage);
 						String restrictedScoreboard = Validate.validateParameter(request.getParameter("restricted"), 5);
-						if(restrictedScoreboard.isEmpty()) //Public Scoreboard
+						if(restrictedScoreboard.isEmpty() && classId.equalsIgnoreCase("classSpecific")) //Total Public Scoreboard
 						{
-							log.debug("Public Scoreboard Enabled");
+							log.debug("User Accessible Scoreboard Enabled");
 							htmlOutput = "<h3 class='title'>Scoreboard Settings Updated</h3>"
 								+ "<p>" + scoreboardMessage +"</p>";
 						}
 						else
 						{
-							ScoreboardStatus.setScoreboardAdminOnly();
-							log.debug("Admin Only Scoreboard Enabled");
-							htmlOutput = "<h3 class='title'>Scoreboard Settings Updated</h3>"
-								+ "<p>" + scoreboardMessage +" The scoreboard is only accessible by administrators</p>";
+							if(!classId.equalsIgnoreCase("classSpecific") && !restrictedScoreboard.isEmpty())
+							{
+								ScoreboardStatus.setScoreboardAdminOnly();
+								log.debug("Admin Only Scoreboard Enabled");
+								htmlOutput = "<h3 class='title'>Scoreboard Settings Updated</h3>"
+									+ "<p>" + scoreboardMessage +" The scoreboard is only accessible by administrators</p>";
+							}
+							else //Not an Admin Only Board. Give response
+							{
+								htmlOutput = "<h3 class='title'>Scoreboard Settings Updated</h3>"
+										+ "<p>" + scoreboardMessage + "</p>";
+							}
 						}
 					}
 					out.write(htmlOutput);
diff --git a/SecurityShepherdCore/src/servlets/module/FeedbackSubmit.java b/SecurityShepherdCore/src/servlets/module/FeedbackSubmit.java
index b7505b8ce..0b0fa8cc2 100644
--- a/SecurityShepherdCore/src/servlets/module/FeedbackSubmit.java
+++ b/SecurityShepherdCore/src/servlets/module/FeedbackSubmit.java
@@ -15,7 +15,6 @@
 import org.owasp.esapi.Encoder;
 
 import utils.Hash;
-import utils.ModulePlan;
 import utils.ShepherdLogManager;
 import utils.Validate;
 import dbProcs.Getter;
@@ -138,8 +137,8 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 											"<p>" +
 											encoder.encodeForHTML(result) + " completed! Congratulations.");
 									htmlOutput += "</p>";
-									if(ModulePlan.isIncrementalFloor())
-										htmlOutput += refreshMenuScript(encoder.encodeForHTML((String)tokenParmeter));
+									//Refresh Side Menu
+									htmlOutput += refreshMenuScript(encoder.encodeForHTML((String)tokenParmeter), "Refresh Error");
 								}
 								else
 								{
@@ -221,31 +220,8 @@ else if(storedResult == null)
 		log.debug("&&& END SolutionSubmit &&&");
 	}
 	
-	public static String refreshMenuScript(String csrfToken)
+	public static String refreshMenuScript(String csrfToken, String localError)
 	{
-		return refreshMenuScript1 + csrfToken + refreshMenuScript2;
+		return "<script>refreshSideMenu(\"" + csrfToken + "\", \"" + localError + "\")</script>";
 	}
-	
-	private static String refreshMenuScript1 = "<script>" +
-			"$(\"#sideMenuWrapper\").slideUp(\"fast\", function(){" +
-			"var ajaxCall = $.ajax({" +
-				"type: \"POST\"," +
-				"url: \"refreshMenu\"," +
-				"data: {" +
-					"csrfToken: \"";
-	private static String refreshMenuScript2 = "\"" +
-				"}," +
-				"async: false" +
-			"});" +
-			"if(ajaxCall.status == 200)" +
-			"{" +
-				"$(\"#sideMenuWrapper\").html(ajaxCall.responseText);" +
-			"}" +
-			"else" +
-			"{" +
-				"$(\"#sideMenuWrapper\").append(\"<br/><font color='red'>Refresh Failed: \" + ajaxCall.status + \"</font>\");" +
-			"}" +
-		"});" +
-		"$('#sideMenuWrapper').slideDown('slow');" +
-		"</script>";
 }
diff --git a/SecurityShepherdCore/src/servlets/module/ModuleServletTemplate.java b/SecurityShepherdCore/src/servlets/module/ModuleServletTemplate.java
index ad24f2f0b..ac6739d7d 100644
--- a/SecurityShepherdCore/src/servlets/module/ModuleServletTemplate.java
+++ b/SecurityShepherdCore/src/servlets/module/ModuleServletTemplate.java
@@ -6,6 +6,8 @@
 import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.sql.Statement;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -48,7 +50,7 @@ public class ModuleServletTemplate
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(ModuleServletTemplate.class);
 	private static String levelName = "Level Name Here";
-	private static String levelHash = "Level Hash Here";
+	public static String levelHash = "Level Hash Here";
 	private static String levelResult = ""; // Put the Level Result Key here only if the level is not hardcoded in the database or mobile application
 	/**
 	 * Describe level here, and how a user is supposed to beat it
@@ -61,6 +63,10 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
 		PrintWriter out = response.getWriter();  
 		out.print(getServletInfo());
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.folder.fileNameWithoutExtention", locale);
 		try
 		{
 			//Get the session from the request
@@ -70,6 +76,7 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 				//Valid Session, time to log who it is
 				ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
 				log.debug(levelName + " servlet accessed by: " + ses.getAttribute("userName").toString());
+				
 				boolean returnKey = false;
 				
 				//Template Users: Edit from here
@@ -79,17 +86,17 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 				//If you want to call a database function, this section if for you. All the way up until if(returnKey)
 				//Get Running Context of Application to make Database Call with
 				String applicationRoot = getServletContext().getRealPath("");
-				String output = doLevelSqlStuff(applicationRoot, aUserName);
-				log.debug("output returned is " + output);
-				String htmlOutput = "<h2 class='title'>Search Results</h2>";
+				String output = doLevelSqlStuff(applicationRoot, aUserName, bundle);
+				log.debug("Logging in English. Going to Output " + output);
+				String htmlOutput = "<h2 class='title'>" + bundle.getString("module.example.header") + "</h2>";
 				if (output == null)
 				{
-					htmlOutput += "<p>No rows returned from that query!";
+					htmlOutput += "<p>" + bundle.getString("module.example.outputWasNull") + "/p>";
 				}
-				else if(output.startsWith("Error"))
+				else if(output.startsWith("123"))
 				{
 					log.debug("Setting Error Message");
-					htmlOutput += "<p>An error was detected!</p>" +
+					htmlOutput += "<p>" + bundle.getString("example.error.123") + "</p>" +
 							"<p>" + output + "</p>";
 				}
 				else
@@ -104,9 +111,9 @@ else if(output.startsWith("Error"))
 					String userKey = Hash.generateUserSolution(levelResult, (String)ses.getAttribute("userName"));
 					log.debug("User has compelted level");
 					//Otherwise just set userKey to "resultKey" and use the rest of this snip (If key is hardcoded, make sure you set it that way in your database level entry)
-					htmlOutput = "<h2 class='title'>Level Completed</h2>" +
+					htmlOutput = "<h2 class='title'>" + bundle.getString("module.example.completedHeader") + "</h2>" +
 							"<p>" +
-							"Welcome administrator. Your result key is as follows " +
+							bundle.getString("module.example.theKeyIs") + " " +
 							"<a>" + userKey + "</a>" +
 							"</p>";
 					
@@ -123,12 +130,12 @@ else if(output.startsWith("Error"))
 		catch(Exception e)
 		{
 			//Dont change this error
-			out.write("An Error Occurred! You must be getting funky!");
+			out.write(errors.getString("error.funky"));
 			log.fatal(levelName + " - " + e.toString());
 		}
 	}
 	
-	public static String doLevelSqlStuff (String applicationRoot, String username)
+	public static String doLevelSqlStuff (String applicationRoot, String username, ResourceBundle bundle)
 	{
 		Encoder encoder = ESAPI.encoder();
 		String result = new String();
@@ -152,11 +159,11 @@ public static String doLevelSqlStuff (String applicationRoot, String username)
 		catch (SQLException e)
 		{
 			log.debug("SQL Error caught - " + e.toString());
-			result = "Error: " + encoder.encodeForHTML(e.toString()); //Html Encode Error to prevent XSS
+			result = bundle.getString("example.error") + ": " + encoder.encodeForHTML(e.toString()); //Html Encode Error to prevent XSS
 		}
 		catch (Exception e)
 		{
-			log.fatal("Error: " + encoder.encodeForHTML(e.toString())); //Html Encode Error to prevent XSS
+			log.fatal(bundle.getString("example.error") + ": " + encoder.encodeForHTML(e.toString())); //Html Encode Error to prevent XSS
 		}
 		return result;
 	}
diff --git a/SecurityShepherdCore/src/servlets/module/RefreshMenu.java b/SecurityShepherdCore/src/servlets/module/RefreshMenu.java
index 46544ecc0..da3a59851 100644
--- a/SecurityShepherdCore/src/servlets/module/RefreshMenu.java
+++ b/SecurityShepherdCore/src/servlets/module/RefreshMenu.java
@@ -2,6 +2,8 @@
 
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.Cookie;
@@ -11,6 +13,8 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
+import org.owasp.esapi.ESAPI;
+import org.owasp.esapi.Encoder;
 
 import utils.ModulePlan;
 import utils.ShepherdLogManager;
@@ -42,7 +46,7 @@ public class RefreshMenu extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(GetModule.class);
 	/**
-	 * This method refreshes the user's menu after they complete a level incremental mode. This ensures that the process of continuing challenges is a fluid one.
+	 * This servlet returns a fresh version of the module menu bar. This is used when completing levels, changing the floor plan or when opening/closing challenges.
 	 * @param csrfToken
 	 */
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
@@ -54,6 +58,11 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		PrintWriter out = response.getWriter();  
 		out.print(getServletInfo());
 		HttpSession ses = request.getSession(true);
+		
+		// Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.text", locale);
+		
 		if(Validate.validateSession(ses))
 		{
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
@@ -62,25 +71,40 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 			Object tokenParmeter = request.getParameter("csrfToken");
 			if(Validate.validateTokens(tokenCookie, tokenParmeter))
 			{
-				if(ModulePlan.isIncrementalFloor())
+				try 
 				{
-					try
+					Encoder encoder = ESAPI.encoder();
+					String ApplicationRoot = getServletContext().getRealPath("");
+					String userId = (String)ses.getAttribute("userStamp");
+					if(ModulePlan.isIncrementalFloor())
 					{
-						log.debug("Getting ApplicationRoot");
-						String ApplicationRoot = getServletContext().getRealPath("");
-						log.debug("Servlet root = " + ApplicationRoot );
-						
-						out.write(Getter.getIncrementalModules(ApplicationRoot, (String)ses.getAttribute("userStamp"),  ses.getAttribute("lang").toString(), (String)tokenParmeter));
+						log.debug("Returning CTF Menu");
+						out.write(Getter.getIncrementalModules(ApplicationRoot, userId,  ses.getAttribute("lang").toString(), (String)tokenParmeter)
+								+ "<script>startScrollsBars();makeSearchList();</script>");
 					}
-					catch (Exception e)
+					else if (ModulePlan.isOpenFloor())
 					{
-						log.error("Refresh Menu Error: " + e.toString());
+						log.debug("Returning Open Floor Menu");
+						out.write("<li><a id=\"lessonList\" href=\"javascript:;\"><div class=\"menuButton\">" + bundle.getString("generic.text.lessons") + 
+						"</div></a><ul id=\"theLessonList\" style=\"display: none;\">" +
+						Getter.getLessons(ApplicationRoot, userId, locale) +	"</ul></li><li>" +
+						"<a id=\"challengeList\" href=\"javascript:;\"><div class=\"menuButton\">" + 
+						bundle.getString("generic.text.challenges") + "</div></a><ul id=\"theChallengeList\" style=\"display: none;\">" + 
+						Getter.getChallenges(ApplicationRoot, userId, locale) + "</ul></li>"
+						+ "<script>applyMenuButtonActionsOpenOrTourney('" + encoder.encodeForHTML(tokenParmeter.toString()) + "', \"" + encoder.encodeForHTML(bundle.getString("generic.text.sorryError")) + "\");openFloorToggleFunctions();makeSearchList();</script>");
+					}
+					else
+					{
+						if (ModulePlan.isTournyFloor())
+							log.fatal("Could not Pick ModulePlan to use (All False). Using Tournament Instead");
+						log.debug("Returning Tournament Floor Menu");
+						out.write(Getter.getTournamentModules(ApplicationRoot, userId, locale)
+								+ "<script>applyMenuButtonActionsOpenOrTourney('" + encoder.encodeForHTML(tokenParmeter.toString()) + "', \"" + encoder.encodeForHTML(bundle.getString("generic.text.sorryError")) + "\");tournamentToggleFunctions();startScrollsBars();makeSearchList();</script>");
 					}
 				}
-				else
+				catch (Exception e)
 				{
-					//Incremental Mode is not enabled, so No
-					out.write("No");
+					log.error("Refresh Menu Error: " + e.toString());
 				}
 			}
 			else
@@ -91,7 +115,7 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		else
 		{
 			log.error("Invalid Session Detected");
-			out.write("<img src='css/images/loggedOutSheep.jpg'/>");
+			out.write("Your are logged out! Please sign back in!");
 		}
 		log.debug("&&& END RefreshMenu &&&");
 	}
diff --git a/SecurityShepherdCore/src/servlets/module/SolutionSubmit.java b/SecurityShepherdCore/src/servlets/module/SolutionSubmit.java
index 91eb9a9ec..79fcee918 100644
--- a/SecurityShepherdCore/src/servlets/module/SolutionSubmit.java
+++ b/SecurityShepherdCore/src/servlets/module/SolutionSubmit.java
@@ -2,6 +2,8 @@
 
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.Cookie;
@@ -16,7 +18,6 @@
 
 import utils.FeedbackStatus;
 import utils.Hash;
-import utils.ModulePlan;
 import utils.ShepherdLogManager;
 import utils.Validate;
 import dbProcs.Getter;
@@ -120,7 +121,6 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 							validKey = storedResult.compareTo(decryptedKey) == 0;
 							log.debug("Decrypted Submitted Key: " + decryptedKey);
 							log.debug("Stored Expected Key    : " + storedResult);
-							
 						}
 						if(validKey)
 						{
@@ -145,13 +145,15 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 									result = Setter.updatePlayerResult(ApplicationRoot, moduleId, userId, "Feedback is Disabled", 1, 1, 1);
 									if(result != null)
 									{
-										log.debug("Solution Submission for module " + result + " succeeded");
+										ResourceBundle bundle = ResourceBundle.getBundle("i18n.moduleGenerics.moduleNames", new Locale(Validate.validateLanguage(request.getSession())));
+										String compltedModuleLocalName = bundle.getString(result);
+										log.debug("Solution Submission for module " + compltedModuleLocalName + " succeeded");
 										htmlOutput = new String("<h2 class=\"title\">Solution Submission Success</h2><br>" +
 												"<p>" +
-												encoder.encodeForHTML(result) + " completed! Congratulations.");
+												compltedModuleLocalName + " completed! Congratulations.");
 										htmlOutput += "</p>";
-										if(ModulePlan.isIncrementalFloor())
-											htmlOutput += FeedbackSubmit.refreshMenuScript(encoder.encodeForHTML((String)tokenParmeter));
+										//Refresh Side Menu
+										htmlOutput += FeedbackSubmit.refreshMenuScript(encoder.encodeForHTML((String)tokenParmeter), "Refresh Error");
 										log.debug("Resetting user's Bad Submisison count to 0");
 										Setter.resetBadSubmission(ApplicationRoot, userId);
 										out.write(htmlOutput);
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/BrokenCrypto3.java b/SecurityShepherdCore/src/servlets/module/challenge/BrokenCrypto3.java
index 6774738cd..2b084d3e1 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/BrokenCrypto3.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/BrokenCrypto3.java
@@ -2,6 +2,8 @@
 
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -42,7 +44,7 @@ public class BrokenCrypto3 extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(BrokenCrypto3.class);
 	private static String levelName = "Broken Crypto Challenge 3";
-	private static String levelHash = "2da053b4afb1530a500120a49a14d422ea56705a7e3fc405a77bc269948ccae1";
+	public static String levelHash = "2da053b4afb1530a500120a49a14d422ea56705a7e3fc405a77bc269948ccae1";
 	public static String levelResult = "thisisthesecurityshepherdabcencryptionkey"; //Is used as encryption key in this level
 
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
@@ -53,13 +55,18 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		
 		HttpSession ses = request.getSession(true);
 		if(Validate.validateSession(ses))
-		{	
+		{			
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
 			log.debug(levelName + " servlet accessed by: " + ses.getAttribute("userName").toString());
-		
+			String htmlOutput = new String();
+			
 			PrintWriter out = response.getWriter();
 			out.print(getServletInfo());
-			String htmlOutput = new String();
+			
+			//Translation Stuff
+			Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+			ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+			ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.insecureCryptoStorage.insecureCryptoStorage", locale);
 			try
 			{
 				String userData = request.getParameter("userData");
@@ -70,14 +77,14 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 				String decryptedUserData = decrypt(userData, levelResult);
 				log.debug("Decrypted to: " + decryptedUserData);
 				Encoder encoder = ESAPI.encoder();
-				htmlOutput = "<h2>Plain text Result:</h2><p>Your cipher text was decrypted to the following:<br/><br/><em>"
+				htmlOutput = "<h2 class='title'>" + bundle.getString("insecureCyrptoStorage.3.plaintextResult") + "</h2><p>" + bundle.getString("insecureCyrptoStorage.3.plaintextResult.message") + "<br/><br/><em>"
 						+ encoder.encodeForHTML(decryptedUserData)
 						+ "</em></p>";
 			}
 			catch(Exception e)
 			{
-				htmlOutput = "An Error Occurred! You must be getting funky!";
 				log.fatal(levelName + " - " + e.toString());
+				htmlOutput = errors.getString("error.funky");
 			}
 			out.write(htmlOutput);
 		}
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/BrokenCrypto4.java b/SecurityShepherdCore/src/servlets/module/challenge/BrokenCrypto4.java
index 27d2e610e..961b98aa7 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/BrokenCrypto4.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/BrokenCrypto4.java
@@ -5,6 +5,8 @@
 import java.sql.Connection;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -13,8 +15,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import utils.Hash;
 import utils.ShepherdLogManager;
@@ -22,7 +22,7 @@
 import dbProcs.Database;
 import dbProcs.Getter;
 /**
- * Level : Broken Crypto NEW
+ * Level : Broken Crypto 4
  * <br><br>
  * 
  * This file is part of the Security Shepherd Project.
@@ -57,13 +57,16 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		HttpSession ses = request.getSession(true);
 		if(Validate.validateSession(ses))
 		{
+			//Translation Stuff
+			Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+			ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.insecureCryptoStorage.insecureCryptoStorage", locale);
+			
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
 			log.debug(levelName + " servlet accessed by: " + ses.getAttribute("userName").toString());
 			PrintWriter out = response.getWriter();  
 			out.print(getServletInfo());
 			String htmlOutput = new String();
 			String applicationRoot = getServletContext().getRealPath("");
-			Encoder encoder = ESAPI.encoder();
 			try
 			{
 				//Get and validate cart amounts
@@ -138,18 +141,18 @@ else if (coupons.getInt(1) == 4) // NotBad
 				int finalCost = megustaCost + rageCost + notBadAmount + trollCost;
 				
 				//Output Order
-				htmlOutput = "<h3>Order Complete</h3>"
-						+ "Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.<br/><br/>"
-						+ "Your order comes to a total of <a><strong>$" + finalCost + "</strong></a>";
+				htmlOutput = "<h3>" + bundle.getString("insecureCyrptoStorage.4.orderComplete") + "</h3>"
+						+ "<p>" + bundle.getString("insecureCyrptoStorage.4.orderShipped") + "<br/></p>"
+						+ "<p>" + bundle.getString("insecureCyrptoStorage.4.totalCost") + " <a><strong>$" + finalCost + "</strong></a></p>";
 				if (trollAmount > 0 && trollCost == 0)
 				{
-					htmlOutput += "<br><br>Trolls were free, Well Done - <a><b>" + encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash), (String)ses.getAttribute("userName"))) + "</b></a>";
+					htmlOutput += "<p>" + bundle.getString("insecureCyrptoStorage.4.freeTrolls") + " - " + Hash.generateUserSolution(Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash), (String)ses.getAttribute("userName")) + "</p>";
 				}
 			}
 			catch(Exception e)
 			{
 				log.debug("Didn't complete order: " + e.toString());
-				htmlOutput += "<p> Order Failed - Please try again later</p>";
+				htmlOutput += "<p>" + bundle.getString("insecureCyrptoStorage.4.orderFailed") + "</p>";
 			}
 			try
 			{
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeJSON.java b/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeJSON.java
index 45e75b30c..5589d4a97 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeJSON.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeJSON.java
@@ -20,7 +20,7 @@
 import dbProcs.Setter;
 
 /**
- * Cross Site Request Forgery Challenge New - Does not return result Key
+ * Cross Site Request Forgery Challenge JSON - Does not return result Key, just sets URL for Class Forum
  * <br/><br/>
  * This file is part of the Security Shepherd Project.
  * 
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeSevenGetToken.java b/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeSevenGetToken.java
index 735d65b2a..d36055430 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeSevenGetToken.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeSevenGetToken.java
@@ -46,7 +46,7 @@ public class CsrfChallengeSevenGetToken extends HttpServlet
 {
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(CsrfChallengeSevenGetToken.class);
-	private static final String levelHash = "7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3";
+	public static final String levelHash = "7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3";
 	private static String levelName = "CSRF Challenge 7 Get Token";
 	/**
 	 * Allows users to retrieve their CSRF token for the CSRF Challenge 6 module
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeSixGetToken.java b/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeSixGetToken.java
index 118e982c9..8c58fc2c7 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeSixGetToken.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeSixGetToken.java
@@ -46,7 +46,7 @@ public class CsrfChallengeSixGetToken extends HttpServlet
 {
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(CsrfChallengeSixGetToken.class);
-	private static final String levelHash = "7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3";
+	public static final String levelHash = "7d79ea2b2a82543d480a63e55ebb8fef3209c5d648b54d1276813cd072815df3";
 	private static String levelName = "CSRF Challenge 6 Get Token";
 	/**
 	 * Allows users to retrieve their CSRF token for the CSRF Challenge 6 module
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeTargetJSON.java b/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeTargetJSON.java
index 08c43d9e4..723d6bdcf 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeTargetJSON.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/CsrfChallengeTargetJSON.java
@@ -122,6 +122,7 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		}
 	}
 	
+	@SuppressWarnings("resource")
 	static String extractPostRequestBody(HttpServletRequest request) throws IOException {
 	    if ("POST".equalsIgnoreCase(request.getMethod())) {
 	        Scanner s = new Scanner(request.getInputStream(), "UTF-8").useDelimiter("\\A");
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/DirectObject1.java b/SecurityShepherdCore/src/servlets/module/challenge/DirectObject1.java
index df4544ef3..62414b87c 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/DirectObject1.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/DirectObject1.java
@@ -5,6 +5,8 @@
 import java.sql.Connection;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -46,8 +48,7 @@ public class DirectObject1 extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(DirectObject1.class);
 	private static String levelName = "Insecure Direct Object Challenge Challenge One";
-	private static String levelHash = "o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c";
-	private static String levelResult = ""; //Stored in DB. Not user Specific
+	public static String levelHash = "o9a450a64cc2a196f55878e2bd9a27a72daea0f17017253f87e7ebd98c71c98c";
 	/**
 	 * The user must abuse this functionality to reveal a hidden user. The result key is hidden in this users profile.
 	 * @param userId To be used in generating the HTML output
@@ -58,6 +59,11 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
 		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
 		
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.directObject.directObjectRef1", locale);
+		
 		HttpSession ses = request.getSession(true);
 		if(Validate.validateSession(ses))
 		{
@@ -82,14 +88,14 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					log.debug("Found user: " + resultSet.getString(1));
 					String userName = resultSet.getString(1);
 					String privateMessage = resultSet.getString(2);
-					htmlOutput = "<h2 class='title'>" + userName + "'s Message</h2>" +
+					htmlOutput = "<h2 class='title'>" + userName + "'s " + bundle.getString("response.message") + "</h2>" +
 							"<p>" + privateMessage + "</p>";
 				}
 				else
 				{
 					log.debug("No Profile Found");
 					Encoder encoder = ESAPI.encoder();
-					htmlOutput = "<h2 class='title'>User: 404 - User Not Found</h2><p>User '" + encoder.encodeForHTML(userId) + "' could not be found or does not exist.</p>";
+					htmlOutput = "<h2 class='title'>" + bundle.getString("response.notFound") + "</h2><p>" + bundle.getString("response.notFoundMessage.1") + " '" + encoder.encodeForHTML(userId) + "' " + bundle.getString("response.notFoundMessage.2") + "</p>";
 				}
 				log.debug("Outputting HTML");
 				out.write(htmlOutput);
@@ -97,7 +103,7 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 			}
 			catch(Exception e)
 			{
-				out.write("An Error Occurred! You must be getting funky!");
+				out.write(errors.getString("error.funky"));
 				log.fatal(levelName + " - " + e.toString());
 			}
 		}
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/DirectObject2.java b/SecurityShepherdCore/src/servlets/module/challenge/DirectObject2.java
index b69b94194..a3f9db9f3 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/DirectObject2.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/DirectObject2.java
@@ -5,6 +5,8 @@
 import java.sql.Connection;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -46,8 +48,7 @@ public class DirectObject2 extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(DirectObject2.class);
 	private static String levelName = "Insecure Direct Object Reference Challenge Two";
-	private static String levelHash = "vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4";
-	private static String levelResult = ""; //Stored in DB. Not user Specific
+	public static String levelHash = "vc9b78627df2c032ceaf7375df1d847e47ed7abac2a4ce4cb6086646e0f313a4";
 	/**
 	 * The user must abuse this functionality to reveal a hidden user. The result key is hidden in this users profile.
 	 * @param userId To be used in generating the HTML output
@@ -58,6 +59,12 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
 		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
 		HttpSession ses = request.getSession(true);
+		
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.directObject.directObjectRef2", locale);
+		
 		if(Validate.validateSession(ses))
 		{
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
@@ -81,14 +88,14 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					log.debug("Found user: " + resultSet.getString(1));
 					String userName = resultSet.getString(1);
 					String privateMessage = resultSet.getString(2);
-					htmlOutput = "<h2 class='title'>" + userName + "'s Message</h2>" +
+					htmlOutput = "<h2 class='title'>" + userName + "'s " + bundle.getString("response.message") + "</h2>" +
 							"<p>" + privateMessage + "</p>";
 				}
 				else
 				{
 					log.debug("No Profile Found");
 					Encoder encoder = ESAPI.encoder();
-					htmlOutput = "<h2 class='title'>User: 404 - User Not Found</h2><p>User '" + encoder.encodeForHTML(userId) + "' could not be found or does not exist.</p>";
+					htmlOutput = "<h2 class='title'>" + bundle.getString("response.notFound") + "</h2><p>" + bundle.getString("response.notFoundMessage.1") + " '" + encoder.encodeForHTML(userId) + "' " + bundle.getString("response.notFoundMessage.2") + "</p>";
 				}
 				log.debug("Outputting HTML");
 				out.write(htmlOutput);
@@ -96,7 +103,7 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 			}
 			catch(Exception e)
 			{
-				out.write("An Error Occurred! You must be getting funky!");
+				out.write(errors.getString("error.funky"));
 				log.fatal(levelName + " - " + e.toString());
 			}
 		}
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankCurrentBalance.java b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankCurrentBalance.java
index c06f7e232..eca49eb4d 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankCurrentBalance.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankCurrentBalance.java
@@ -2,9 +2,9 @@
 
 import java.io.IOException;
 import java.io.PrintWriter;
-import java.sql.CallableStatement;
-import java.sql.Connection;
 import java.sql.SQLException;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -16,7 +16,6 @@
 
 import utils.ShepherdLogManager;
 import utils.Validate;
-import dbProcs.Database;
 
 /**
  * Insecure Direct Object Reference Bank Challenge Get Balance Function
@@ -44,9 +43,9 @@ public class DirectObjectBankCurrentBalance extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(DirectObjectBankCurrentBalance.class);
 	private static String levelName = "Insecure Direct Object Bank Challenge (Refresh Balance)";
-	private static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
+	public static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
 	/**
-	 * This Servlet is used to register a new bank account
+	 * This Servlet is used by users to register a new bank account in the Insecure Direct Object Bank Challenge. 
 	 */
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
@@ -54,6 +53,12 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
 		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
 		HttpSession ses = request.getSession(true);
+
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.directObject.directObjectBank", locale);
+		
 		if(Validate.validateSession(ses))
 		{
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
@@ -73,12 +78,12 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 			}
 			catch(SQLException e)
 			{
-				out.write("An Error Occurred! You must be getting funky! Could not get Balance!");
+				out.write(errors.getString("error.funky") + " " + bundle.getString("login.error.couldNotGetBalance"));
 				log.fatal(levelName + " SQL Error - " + e.toString());
 			}
 			catch(Exception e)
 			{
-				out.write("An Error Occurred! You must be getting funky!");
+				out.write(errors.getString("error.funky"));
 				log.fatal(levelName + " - " + e.toString());
 			}
 		}
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankLogin.java b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankLogin.java
index fb08df7b3..c87683891 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankLogin.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankLogin.java
@@ -6,6 +6,8 @@
 import java.sql.Connection;
 import java.sql.ResultSet;
 import java.sql.SQLException;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -47,10 +49,12 @@ public class DirectObjectBankLogin extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(DirectObjectBankLogin.class);
 	private static String levelName = "Insecure Direct Object Bank Challenge";
-	private static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
+	public static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
 	private static String levelResult = "4a1df02af317270f844b56edc0c29a09f3dd39faad3e2a23393606769b2dfa35";
 	/**
-	 * TODO - This Servlet is used to Sign In as Bank Account
+	 * This Servlet is used in the Insecure Direct Object Bank to sign in to a specific bank account. 
+	 * It does this by checking the user DB credentials and then returns the bank form the user needs 
+	 * to call Bank Functions.
 	 */
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
@@ -58,6 +62,12 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
 		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
 		HttpSession ses = request.getSession(true);
+
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.directObject.directObjectBank", locale);
+		
 		if(Validate.validateSession(ses))
 		{
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
@@ -83,13 +93,13 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					String accountNumber = resultSet.getString(1);
 					log.debug("Found Account Number: " + accountNumber);
 					ses.setAttribute("directObjectBankAccount", accountNumber);
-					htmlOutput += bankForm(accountNumber, applicationRoot, ses);
+					htmlOutput += bankForm(accountNumber, applicationRoot, ses, bundle, errors);
 				}
 				else
 				{
 					log.debug("Authentication Failed");
 					Encoder encoder = ESAPI.encoder();
-					htmlOutput = "ERROR: User '" + encoder.encodeForHTML(accountHolder) + "' could not be logged in";
+					htmlOutput = bundle.getString("login.authFailedMessage.1") + " '" + encoder.encodeForHTML(accountHolder) + "' " + bundle.getString("login.authFailedMessage.2");
 				}
 				log.debug("Outputting HTML");
 				out.write(htmlOutput);
@@ -97,12 +107,12 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 			}
 			catch(SQLException e)
 			{
-				out.write("An Error Occurred! You must be getting funky! Could not get Balance!");
+				out.write(errors.getString("error.funky") + " " + bundle.getString("login.error.couldNotGetBalance"));
 				log.fatal(levelName + " SQL Error - " + e.toString());
 			}
 			catch(Exception e)
 			{
-				out.write("An Error Occurred! You must be getting funky!");
+				out.write(errors.getString("error.funky"));
 				log.fatal(levelName + " - " + e.toString());
 			}
 		}
@@ -112,36 +122,92 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		}
 	}
 	
+	/**
+	 * Method used to return the bank interaction view for the user that is signed into the Direct Object Bank challenge
+	 * @param accountNumber
+	 * @param applicationRoot
+	 * @param ses
+	 * @param bundle
+	 * @param errors
+	 * @return
+	 * @throws SQLException
+	 */
+	public static String bankForm(String accountNumber, String applicationRoot, HttpSession ses, ResourceBundle bundle, ResourceBundle errors) throws SQLException 
+	{
+		Encoder encoder = ESAPI.encoder();
+		float currentBalance = getAccountBalance(accountNumber, applicationRoot);
+		String bankForm = "<h2 class='title'>" + bundle.getString("bankForm.yourAccount") + "</h2>" +
+				"<p>" + bundle.getString("bankForm.yourAccount.balance") + " <div id='currentAccountBalanceDiv'><b>" + currentBalance + "</b></div></p>";
+		if(currentBalance > 5000000)
+		{
+			//Level Complete As the user has more than 5000000 in account. Return Key
+			bankForm += "<h2 class='title'>" + bundle.getString("result.complete") + "</h2><p>" + bundle.getString("result.wellDone") + "<br><br>"
+					+ "" + bundle.getString("result.theKeyIs") + " <a>" + Hash.generateUserSolution(levelResult, (String)ses.getAttribute("userName")) + "</a>";
+		}
+		bankForm += ""
+				+ "<input type='hidden' value='" + encoder.encodeForHTMLAttribute(accountNumber) + "' id='currentAccountNumber'>"
+				+ "<h2 class='title'>" + bundle.getString("bankForm.transferFunds") + "</h2><p>" + bundle.getString("bankForm.transferFunds.whatToDo") + "</p>"
+				+ "<div id='transferFundsForm'><form id='transferFunds' action='javascript:transferFunds();'>"
+				+ "<table><tr><td>" + bundle.getString("bankForm.recieverNumber") + " </td><td><input type='text' id='recieverAccountNumber'></td></tr>"
+				+ "<tr><td>" + bundle.getString("bankForm.amountToSend") + " </td><td><input type='text' id='transferAmount'></td></tr>"
+				+ "<tr><td colspan='2'><input type='submit' value='" + bundle.getString("bankForm.transferFunds") + "'></td></tr>"
+				+ "</table></form></div><div id='transferLoadingDiv' style='display: none;'>" + bundle.getString("bankForm.loading") + "</div>"
+				+ "<div id='transferResultsDiv'></div>"
+				+ "<h2 class='title'>" + bundle.getString("bankForm.refreshBalance") + "</h2><p>" + bundle.getString("bankForm.refreshBalance.whatToDo") + "</p>"
+				+ "<div id='refreshFormDiv'>"
+				+ "<table><tr><td><input type='button' id='refreshFunds' onclick='refreshFunds();' value='" + bundle.getString("bankForm.refreshBalance") + "'></td></tr></table>"
+				+ "</div><div id='refreshLoadingSign' style='display: none;'>" + bundle.getString("bankForm.loading") + "</div>"
+				+ "<div id='refreshResultsDiv'></div>"
+				+ "<h2 class='title'>" + bundle.getString("bankForm.logoutOfAccount") + "</h2><p>" + bundle.getString("bankForm.logoutOfAccount.whatToDo") + "</p>"
+				+ "<div id='logoutFormDiv'>"
+				+ "<table><tr><td><input type='button' id='logoutButton' onclick='logout();' value='" + bundle.getString("bankForm.logoutFromBankAccount") + "'></td></tr></table>"
+				+ "</div><div id='logoutLoadingSign' style='display: none;'>" + bundle.getString("bankForm.loading") + "</div>"
+				+ "<div id='logoutResultsDiv'></div>";
+		return bankForm;
+	}
+	
+	/**
+	 * Method used to return the bank interaction view for the user that is signed into the Direct Object Bank challenge. This method pulls the local level translation from the session submitted
+	 * @param accountNumber
+	 * @param applicationRoot
+	 * @param ses
+	 * @return
+	 * @throws SQLException
+	 */
 	public static String bankForm(String accountNumber, String applicationRoot, HttpSession ses) throws SQLException 
 	{
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(ses));
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.directObject.directObjectBank", locale);
+				
 		Encoder encoder = ESAPI.encoder();
 		float currentBalance = getAccountBalance(accountNumber, applicationRoot);
-		String bankForm = "<h2 class='title'>Your Account</h2>" +
-				"<p>Your account balance is currently: <div id='currentAccountBalanceDiv'><b>" + currentBalance + "</b></div></p>";
+		String bankForm = "<h2 class='title'>" + bundle.getString("bankForm.yourAccount") + "</h2>" +
+				"<p>" + bundle.getString("bankForm.yourAccount.balance") + " <div id='currentAccountBalanceDiv'><b>" + currentBalance + "</b></div></p>";
 		if(currentBalance > 5000000)
 		{
 			//Level Complete As the user has more than 5000000 in account. Return Key
-			bankForm += "<h2 class='title'>Challenge Complete</h2><p>Congradulations, you have sucessfully completed this challenge. Use the following result key at the top of the page to mark this level as complete in the sytem.<br><br>"
-					+ "The result key for this challenge is <a>" + encoder.encodeForHTML(Hash.generateUserSolution(levelResult, (String)ses.getAttribute("userName"))) + "</a>";
+			bankForm += "<h2 class='title'>" + bundle.getString("result.complete") + "</h2><p>" + bundle.getString("result.wellDone") + "<br><br>"
+					+ "" + bundle.getString("result.theKeyIs") + " <a>" + encoder.encodeForHTML(Hash.generateUserSolution(levelResult, (String)ses.getAttribute("userName"))) + "</a>";
 		}
 		bankForm += ""
 				+ "<input type='hidden' value='" + encoder.encodeForHTMLAttribute(accountNumber) + "' id='currentAccountNumber'>"
-				+ "<h2 class='title'>Transfer Funds</h2><p>Use this form to send money to other accounts in this bank. All you need to do is enter their account number and the ammount you want to send!</p>"
+				+ "<h2 class='title'>" + bundle.getString("bankForm.transferFunds") + "</h2><p>" + bundle.getString("bankForm.transferFunds.whatToDo") + "</p>"
 				+ "<div id='transferFundsForm'><form id='transferFunds' action='javascript:transferFunds();'>"
-				+ "<table><tr><td>Reciever Account Number: </td><td><input type='text' id='recieverAccountNumber'></td></tr>"
-				+ "<tr><td>Amount to Send: </td><td><input type='text' id='transferAmount'></td></tr>"
-				+ "<tr><td colspan='2'><input type='submit' value='Transfer Funds'></td></tr>"
-				+ "</table></form></div><div id='transferLoadingDiv' style='display: none;'>Loading...</div>"
+				+ "<table><tr><td>" + bundle.getString("bankForm.recieverNumber") + " </td><td><input type='text' id='recieverAccountNumber'></td></tr>"
+				+ "<tr><td>" + bundle.getString("bankForm.amountToSend") + " </td><td><input type='text' id='transferAmount'></td></tr>"
+				+ "<tr><td colspan='2'><input type='submit' value='" + bundle.getString("bankForm.transferFunds") + "'></td></tr>"
+				+ "</table></form></div><div id='transferLoadingDiv' style='display: none;'>" + bundle.getString("bankForm.loading") + "</div>"
 				+ "<div id='transferResultsDiv'></div>"
-				+ "<h2 class='title'>Refresh Balance</h2><p>Use this form to refresh your balance above. That way you can see if any money came in recently!</p>"
+				+ "<h2 class='title'>" + bundle.getString("bankForm.refreshBalance") + "</h2><p>" + bundle.getString("bankForm.refreshBalance.whatToDo") + "</p>"
 				+ "<div id='refreshFormDiv'>"
-				+ "<table><tr><td><input type='button' id='refreshFunds' onclick='refreshFunds();' value='Refresh Balance'></td></tr></table>"
-				+ "</div><div id='refreshLoadingSign' style='display: none;'>Loading...</div>"
+				+ "<table><tr><td><input type='button' id='refreshFunds' onclick='refreshFunds();' value='" + bundle.getString("bankForm.refreshBalance") + "'></td></tr></table>"
+				+ "</div><div id='refreshLoadingSign' style='display: none;'>" + bundle.getString("bankForm.loading") + "</div>"
 				+ "<div id='refreshResultsDiv'></div>"
-				+ "<h2 class='title'>Logout of Account</h2><p>Use this form to sign out of your bank account when your done giving your money away.</p>"
+				+ "<h2 class='title'>" + bundle.getString("bankForm.logoutOfAccount") + "</h2><p>" + bundle.getString("bankForm.logoutOfAccount.whatToDo") + "</p>"
 				+ "<div id='logoutFormDiv'>"
-				+ "<table><tr><td><input type='button' id='logoutButton' onclick='logout();' value='Log Out Of Bank Account'></td></tr></table>"
-				+ "</div><div id='logoutLoadingSign' style='display: none;'>Loading...</div>"
+				+ "<table><tr><td><input type='button' id='logoutButton' onclick='logout();' value='" + bundle.getString("bankForm.logoutFromBankAccount") + "'></td></tr></table>"
+				+ "</div><div id='logoutLoadingSign' style='display: none;'>" + bundle.getString("bankForm.loading") + "</div>"
 				+ "<div id='logoutResultsDiv'></div>";
 		return bankForm;
 	}
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankLogout.java b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankLogout.java
index b2ffd74b6..56785c981 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankLogout.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankLogout.java
@@ -2,6 +2,8 @@
 
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -40,9 +42,9 @@ public class DirectObjectBankLogout extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(DirectObjectBankLogout.class);
 	private static String levelName = "Insecure Direct Object Bank Challenge (Logout)";
-	private static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
+	public static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
 	/**
-	 * This Servlet is used to Sign out of a Bank Account
+	 * This Servlet is used by a user to Sign out of a Bank Account Session in the Insecure Direct Bank Challenge
 	 */
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
@@ -50,6 +52,11 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
 		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
 		HttpSession ses = request.getSession(true);
+
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.directObject.directObjectBank", locale);
+		
 		if(Validate.validateSession(ses))
 		{
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
@@ -57,7 +64,7 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 			PrintWriter out = response.getWriter();
 			out.print(getServletInfo());
 			ses.removeAttribute("directObjectBankAccount");
-			out.write("Logged Out");
+			out.write(bundle.getString("logout.loggedOut"));
 		}
 		else
 		{
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankRegistration.java b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankRegistration.java
index 20ed2b4d8..f4429b3d0 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankRegistration.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankRegistration.java
@@ -5,6 +5,8 @@
 import java.sql.CallableStatement;
 import java.sql.Connection;
 import java.sql.SQLException;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -44,7 +46,7 @@ public class DirectObjectBankRegistration extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(DirectObjectBankRegistration.class);
 	private static String levelName = "Insecure Direct Object Bank Challenge (Register)";
-	private static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
+	public static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
 	/**
 	 * This Servlet is used to register a new bank account
 	 */
@@ -54,6 +56,12 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
 		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
 		HttpSession ses = request.getSession(true);
+
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.directObject.directObjectBank", locale);
+		
 		if(Validate.validateSession(ses))
 		{
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
@@ -76,18 +84,18 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 				callstmt.execute();
 				log.debug("Sucessfully ran create account procedure.");
 				log.debug("Outputting HTML");
-				htmlOutput = "User account has been registered! Please Sign in!";
+				htmlOutput = bundle.getString("register.accountCreated");
 				out.write(htmlOutput);
 				Database.closeConnection(conn);
 			}
 			catch(SQLException e)
 			{
-				out.write("An Error Occurred! You must be getting funky! Could not create account!");
+				out.write(errors.getString("error.funky") + " " + bundle.getString("register.error"));
 				log.fatal(levelName + " SQL Error - " + e.toString());
 			}
 			catch(Exception e)
 			{
-				out.write("An Error Occurred! You must be getting funky!");
+				out.write(errors.getString("error.funky"));
 				log.fatal(levelName + " - " + e.toString());
 			}
 		}
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankTransfer.java b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankTransfer.java
index b77b2315d..cc6003696 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankTransfer.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/DirectObjectBankTransfer.java
@@ -5,6 +5,8 @@
 import java.sql.CallableStatement;
 import java.sql.Connection;
 import java.sql.SQLException;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -44,9 +46,9 @@ public class DirectObjectBankTransfer extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(DirectObjectBankTransfer.class);
 	private static String levelName = "Insecure Direct Object Bank Challenge (Transfer)";
-	private static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
+	public static String levelHash = "1f0935baec6ba69d79cfb2eba5fdfa6ac5d77fadee08585eb98b130ec524d00c";
 	/**
-	 * This Servlet is used to register a new bank account
+	 * This Servlet is used to transfer funds from one bank account to another, insecurely, in the Direct Object Reference Bank challenge
 	 */
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
@@ -54,6 +56,12 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
 		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
 		HttpSession ses = request.getSession(true);
+
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.directObject.directObjectBank", locale);
+		
 		if(Validate.validateSession(ses))
 		{
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
@@ -84,10 +92,10 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 						performTransfer = true;
 					}
 					else
-						errorMessage = "Your account does not have the necessary funds to transfer that amount.";
+						errorMessage = bundle.getString("transfer.error.notEnoughCash");
 				}
 				else
-					errorMessage = "The amount being transfered must be greater than zero.";
+					errorMessage = bundle.getString("transfer.error.moreThanZero");
 				
 				String htmlOutput = new String();
 				if(performTransfer)
@@ -100,25 +108,25 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					callstmt.setFloat(3, tranferAmount);
 					callstmt.execute();
 					log.debug("Sucessfully ran Transfer Funds procedure.");
-					htmlOutput = "Funds have been transfered sucessfully!";
+					htmlOutput = bundle.getString("transfer.success");
 					Database.closeConnection(conn);
 				}
 				else
 				{
 					log.debug("Invalid Data Detected: " + errorMessage);
-					htmlOutput = "An Error Occured: " + errorMessage;
+					htmlOutput = bundle.getString("transfer.error.occurred") + " " + errorMessage;
 				}
 				log.debug("Outputting HTML");
 				out.write(htmlOutput);
 			}
 			catch(SQLException e)
 			{
-				out.write("An Error Occurred! You must be getting funky! Could not get Transfer Funds!");
+				out.write(errors.getString("error.funky") + " " + bundle.getString("transfer.error.couldNotTransfer"));
 				log.fatal(levelName + " SQL Error - " + e.toString());
 			}
 			catch(Exception e)
 			{
-				out.write("An Error Occurred! You must be getting funky!");
+				out.write(errors.getString("error.funky"));
 				log.fatal(levelName + " - " + e.toString());
 			}
 		}
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/NoSqlInjection1.java b/SecurityShepherdCore/src/servlets/module/challenge/NoSqlInjection1.java
index d42e4cb28..034d37897 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/NoSqlInjection1.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/NoSqlInjection1.java
@@ -51,8 +51,8 @@ public class NoSqlInjection1 extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(NoSqlInjection1.class);
 	private static String levelName = "NoSQL Injection Challenge One";
-	private static String levelHash = "d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66";
-	private static String levelResult = ""; // Stored in Vulnerable DB. Not User Specific
+	public static String levelHash = "d63c2fb5da9b81ca26237f1308afe54491d1bacf9fffa0b21a072b03c5bafe66";
+	// private static String levelResult = ""; // Stored in Vulnerable DB. Not User Specific
 	/**
 	 * Users have to use NoSQL injection to get a specific user (Marlo) gamer ID. The query they are injecting into by default only outputs usernames.
 	 * The input they enter is also been filtered.
@@ -79,6 +79,7 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 			// To directly connect to a single MongoDB server (note that this will not auto-discover the primary even
 			// if it's a member of a replica set:
 			MongoClient mongoClient;
+			@SuppressWarnings("unused")
 			MongoCredential credential;
 			DB mongoDb;
 			//BasicDBObject whereQuery = new BasicDBObject();
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/PoorValidation1.java b/SecurityShepherdCore/src/servlets/module/challenge/PoorValidation1.java
index e8c4813b6..ed62f7b39 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/PoorValidation1.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/PoorValidation1.java
@@ -2,6 +2,8 @@
 
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -10,8 +12,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import utils.Hash;
 import utils.ShepherdLogManager;
@@ -41,7 +41,7 @@ public class PoorValidation1 extends HttpServlet
 {
 	private static final String levelName = "Poor Validation 2";
 	private static String levelSolution = "d30475881612685092e5ec469317dcc5ccc1f548a97bfdb041236b5bba7627bf";
-	private static String levelHash = "ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e";
+	public static String levelHash = "ca0e89caf3c50dbf9239a0b3c6f6c17869b2a1e2edc3aa6f029fd30925d66c7e";
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(PoorValidation1.class);
 	/**
@@ -55,13 +55,16 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		HttpSession ses = request.getSession(true);
 		if(Validate.validateSession(ses))
 		{
+			//Translation Stuff
+			Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+			ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.poorValidation.poorValidationStrings", locale);
+			
 			String currentUser = ses.getAttribute("userName").toString();
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), currentUser);
 			log.debug(levelName + " servlet accessed by: " + ses.getAttribute("userName").toString());
 			PrintWriter out = response.getWriter();  
 			out.print(getServletInfo());
 			String htmlOutput = new String();
-			Encoder encoder = ESAPI.encoder();
 			try
 			{
 				int megustaAmount = Integer.parseInt(request.getParameter("megustaAmount"));
@@ -85,18 +88,18 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 				int finalCost = megustaCost + rageCost + notBadCost + trollCost;
 				
 				//Output Order
-				htmlOutput = "<h3>Order Complete</h3>"
-						+ "Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.<br/><br/>"
-						+ "Your order comes to a total of <a><strong>$" + finalCost + "</strong></a>";
+				htmlOutput = "<h3 class='title'>" + bundle.getString("poorValidation.orderComplete")+ "</h3>"
+						+ "<p>" + bundle.getString("poorValidation.orderComplete.message")+ "<br></p>"
+						+ "<p>" + bundle.getString("poorValidation.orderTotal")+ " <a><strong>$" + finalCost + "</strong></a></p>";
 				if (finalCost <= 0 && trollAmount > 0)
 				{
-					htmlOutput += "<br><br>Trolls were free, Well Done - <a><b>" + encoder.encodeForHTML(Hash.generateUserSolution(levelSolution, currentUser)) + "</b></a>";
+					htmlOutput += "<br><p>" + bundle.getString("poorValidation.freeTrolls")+ " - " + Hash.generateUserSolution(levelSolution, currentUser) + "</p>";
 				}
 			}
 			catch(Exception e)
 			{
 				log.debug("Didn't complete order: " + e.toString());
-				htmlOutput += "<p> Order Failed - Please try again later</p>";
+				htmlOutput += "<p>" + bundle.getString("poorValidation.badOrder")+ "</p>";
 			}
 			try
 			{
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/PoorValidation2.java b/SecurityShepherdCore/src/servlets/module/challenge/PoorValidation2.java
index 0e2c493ba..67b9dea4e 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/PoorValidation2.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/PoorValidation2.java
@@ -2,6 +2,8 @@
 
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -10,8 +12,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import utils.Hash;
 import utils.ShepherdLogManager;
@@ -41,7 +41,7 @@ public class PoorValidation2 extends HttpServlet
 {
 	private static final String levelName = "Poor Validation 2";
 	private static String levelSolution = "05adf1e4afeb5550faf7edbec99170b40e79168ecb3a5da19943f05a3fe08c8e";
-	private static String levelHash = "20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5";
+	public static String levelHash = "20e8c4bb50180fed9c1c8d1bf6af5eac154e97d3ce97e43257c76e73e3bbe5d5";
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(PoorValidation2.class);
 	/**
@@ -55,13 +55,16 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		HttpSession ses = request.getSession(true);
 		if(Validate.validateSession(ses))
 		{
+			//Translation Stuff
+			Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+			ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.poorValidation.poorValidationStrings", locale);
+			
 			String currentUser = ses.getAttribute("userName").toString();
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), currentUser);
 			log.debug(levelName + " servlet accessed by: " + ses.getAttribute("userName").toString());
 			PrintWriter out = response.getWriter();  
 			out.print(getServletInfo());
 			String htmlOutput = new String();
-			Encoder encoder = ESAPI.encoder();
 			try
 			{
 				int megustaAmount = validateAmount(Integer.parseInt(request.getParameter("megustaAmount")));
@@ -85,18 +88,18 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 				int finalCost = megustaCost + rageCost + notBadCost + trollCost;
 				
 				//Output Order
-				htmlOutput = "<h3>Order Complete</h3>"
-						+ "Your order has been made and has been sent to our magic shipping department that knows where you want this to be delivered via brain wave sniffing techniques.<br/><br/>"
-						+ "Your order comes to a total of <a><strong>$" + finalCost + "</strong></a>";
+				htmlOutput = "<h3 class='title'>" + bundle.getString("poorValidation.orderComplete") + "</h3>"
+						+ "<p>" + bundle.getString("poorValidation.orderComplete.message") + "</p><br/>"
+						+ "<p>" + bundle.getString("poorValidation.orderTotal") + " <a><strong>$" + finalCost + "</strong></a></p>";
 				if (finalCost <= 0 && trollAmount > 0)
 				{
-					htmlOutput += "<br><br>Trolls were free, Well Done - <a><b>" + encoder.encodeForHTML(Hash.generateUserSolution(levelSolution, currentUser)) + "</b></a>";
+					htmlOutput += "<br><p>" + bundle.getString("poorValidation.freeTrolls") + " - " + Hash.generateUserSolution(levelSolution, currentUser) + "</p>";
 				}
 			}
 			catch(Exception e)
 			{
 				log.debug("Didn't complete order: " + e.toString());
-				htmlOutput += "<p> Order Failed - Please try again later</p>";
+				htmlOutput += "<p>" + bundle.getString("poorValidation.badOrder") + "</p>";
 			}
 			try
 			{
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SecurityMisconfigStealTokens.java b/SecurityShepherdCore/src/servlets/module/challenge/SecurityMisconfigStealTokens.java
index 8268d1b4e..96ff2d190 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SecurityMisconfigStealTokens.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SecurityMisconfigStealTokens.java
@@ -6,6 +6,8 @@
 import java.sql.Connection;
 import java.sql.ResultSet;
 import java.sql.SQLException;
+import java.util.Locale;
+import java.util.ResourceBundle;
 
 import javax.servlet.ServletException;
 import javax.servlet.http.Cookie;
@@ -15,8 +17,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import utils.Hash;
 import utils.ShepherdLogManager;
@@ -45,14 +45,14 @@
  */
 public class SecurityMisconfigStealTokens extends HttpServlet
 {
-	//SQL Challenge One
+	//Security Misconfiguration Challenge
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SecurityMisconfigStealTokens.class);
 	private static String levelName = "Security Misconfig Cookie Flags Servlet";
-	private static String levelHash = "c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4";
-	private static String levelResult = "92755de2ebb012e689caf8bfec629b1e237d23438427499b6bf0d7933f1b8215"; // Stored in Vulnerable DB. Not user Specific
+	public static String levelHash = "c4285bbc6734a10897d672c1ed3dd9417e0530a4e0186c27699f54637c7fb5d4";
+	private static String levelResult = "92755de2ebb012e689caf8bfec629b1e237d23438427499b6bf0d7933f1b8215"; // Base Key. User is given user specific key
 	/**
-	 * TODO - Java Doc
+	 * This servlet will return the key to complete as long as the cookie submitted is valid and does not belong to the user making the request
 	 */
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
@@ -62,12 +62,16 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		HttpSession ses = request.getSession(true);
 		if(Validate.validateSession(ses))
 		{
+			//Translation Stuff
+			Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+			ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+			ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.securityMisconfig.stealTokens", locale);
+			
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
 			log.debug(levelName + " servlet accessed by: " + ses.getAttribute("userName").toString());
 			PrintWriter out = response.getWriter();  
 			out.print(getServletInfo());
 			String htmlOutput = new String();
-			Encoder encoder = ESAPI.encoder();
 			try
 			{
 				String applicationRoot = getServletContext().getRealPath("");
@@ -94,8 +98,8 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 				if(cookieValue.compareTo(userActualCookie) == 0)
 				{
 					//User is using their own Cookie: Not Complete
-					htmlOutput = new String("<h2 class='title'>Challenge NOT Complete</h2>"
-							+ "<p>You cannot complete this challenge with your cookie value. You must get the cookie from another user.<p>");					
+					htmlOutput = new String("<h2 class='title'>" + bundle.getString("securityMisconfig.servlet.stealTokens.notComplete") + "</h2>"
+							+ "<p>" + bundle.getString("securityMisconfig.servlet.stealTokens.notComplete.message") + "<p>");					
 				}
 				else
 				{
@@ -106,22 +110,22 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 						log.debug("Valid Cookie of another User Dectected");
 						// Get key and add it to the output
 						String userKey = Hash.generateUserSolution(levelResult, (String)ses.getAttribute("userName"));
-						htmlOutput = "<h2 class='title'>Challenge Complete</h2>" +
+						htmlOutput = "<h2 class='title'>" + bundle.getString("securityMisconfig.servlet.stealTokens.complete") + "</h2>" +
 								"<p>" +
-								"Congradulations! Your result key is as follows " +
+								bundle.getString("securityMisconfig.servlet.stealTokens.youDidIt") + " " +
 								"<a>" + userKey + "</a>" +
 								"</p>";
 					}
 					else
 					{
-						htmlOutput = new String("<h2 class='title'>Challenge NOT Complete</h2>"
-								+ "<p>You muse submit a valid token of another user.<p>");					
+						htmlOutput = new String("<h2 class='title'>" + bundle.getString("securityMisconfig.servlet.stealTokens.notComplete") + "</h2>"
+								+ "<p>" + bundle.getString("securityMisconfig.servlet.stealTokens.notComplete.yourToken") + "<p>");					
 					}
 				}
 			}
 			catch(Exception e)
 			{
-				out.write("An Error Occurred! You must be getting funky!");
+				out.write(errors.getString("securityMisconfig.servlet.stealTokens.notComplete.yourToken"));
 				log.fatal(levelName + " - " + e.toString());
 			}
 			log.debug("Outputting HTML");
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement1.java b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement1.java
index 2cce76a83..8716d1244 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement1.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement1.java
@@ -43,7 +43,7 @@ public class SessionManagement1 extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SessionManagement1.class);
 	private static String levelName = "Session Management Challenge One";
-	private static String levelHash = "dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a";
+	public static String levelHash = "dfd6bfba1033fa380e378299b6a998c759646bd8aea02511482b8ce5d707f93a";
 	private static String levelResult = "db7b1da5d7a43c7100a6f01bb0c";
 	/**
 	 * Users must take advance of the broken session management in this application by modifying the tracking cookie "checksum" which is encoded in base 64. They must modify this cookie to be equal to administrator to access the result key.
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement2ChangePassword.java b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement2ChangePassword.java
index cf81cd498..d9d9cad80 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement2ChangePassword.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement2ChangePassword.java
@@ -49,7 +49,7 @@ public class SessionManagement2ChangePassword extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SessionManagement2ChangePassword.class);
 	private static String levelName = "Session Management Challenge Two (Change Pass)";
-	private static String levelHash = "f5ddc0ed2d30e597ebacf5fdd117083674b19bb92ffc3499121b9e6a12c92959";
+	public static String levelHash = "f5ddc0ed2d30e597ebacf5fdd117083674b19bb92ffc3499121b9e6a12c92959";
 	/**
 	 * A user with the submitted email address is set a new random password, the password is also returned from the database procedure and is forwards through to the HTTP response.
 	 * This response is not consumed by the client interface by default, and the user will have to discover it.
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement3ChangePassword.java b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement3ChangePassword.java
index ddafd53fe..d973c1796 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement3ChangePassword.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement3ChangePassword.java
@@ -49,8 +49,8 @@ public class SessionManagement3ChangePassword extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SessionManagement3ChangePassword.class);
 	private static String levelName = "Session Management Challenge Three (Change Password)";
-	private static String levelHash = "b467dbe3cd61babc0ec599fd0c67e359e6fe04e8cdc618d537808cbb693fee8a";
-	private static String levelResult = ""; //This Servlet does not return a result
+	public static String levelHash = "b467dbe3cd61babc0ec599fd0c67e359e6fe04e8cdc618d537808cbb693fee8a";
+	// private static String levelResult = ""; //This Servlet does not return a result
 	/**
 	 * Function used by Session Management Challenge Three to change the password of the submitted user name specified in the "Current" cookie
 	 * @param current User cookie used to store the current user (encoded twice with base64)
@@ -73,7 +73,6 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
 			log.debug(levelName + " servlet accessed by: " + ses.getAttribute("userName").toString());
 			PrintWriter out = response.getWriter();
-			Base64 base64 = new Base64();
 			out.print(getServletInfo());
 			String htmlOutput = new String();
 			log.debug(levelName + " - Change Password - Servlet");
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement4.java b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement4.java
index 0bf533d9c..e6492ce1a 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement4.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement4.java
@@ -43,7 +43,7 @@ public class SessionManagement4 extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SessionManagement4.class);
 	private static String levelName = "Session Management Challenge Four";
-	private static String levelHash = "ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6";
+	public static String levelHash = "ec43ae137b8bf7abb9c85a87cf95c23f7fadcf08a092e05620c9968bd60fcba6";
 	private static String levelResult = "238a43b12dde07f39d14599a780ae90f87a23e";
 	/**
 	 * Users must discover the session id for this sub application is very weak. The default session ID for a guest will be 00000001 base64'd. The admin's session will be 00000021
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement5ChangePassword.java b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement5ChangePassword.java
index aef429fc4..a5b3f13e0 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement5ChangePassword.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SessionManagement5ChangePassword.java
@@ -51,8 +51,7 @@ public class SessionManagement5ChangePassword extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SessionManagement5ChangePassword.class);
 	private static String levelName = "Session Management Challenge Five (Change Password)";
-	private static String levelHash = SessionManagement5.levelHash;
-	private static String levelResult = ""; //This Servlet does not return a result
+	// private static String levelResult = ""; //This Servlet does not return a result
 	/**
 	 * Function used by Session Management Challenge Five to change the password of the submitted user name. The function requires a valid token which is a base64'd timestamp. If the current time is within 10 minutes of the token, the function will execute 
 	 * @param userName User cookie used to store the user password to be reset
@@ -76,7 +75,6 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 			ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
 			log.debug(levelName + " servlet accessed by: " + ses.getAttribute("userName").toString());
 			PrintWriter out = response.getWriter();
-			Base64 base64 = new Base64();
 			out.print(getServletInfo());
 			String htmlOutput = new String();
 			String errorMessage = new String();
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection1.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection1.java
index 8b2945cd1..5024b1db0 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection1.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection1.java
@@ -49,8 +49,8 @@ public class SqlInjection1 extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjection1.class);
 	private static String levelName = "SQL Injection Challenge 1";
-	private static String levelHash = "e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a";
-	private static String levelResult = ""; //Stored in vulnerable DB. Not user Specific
+	public static String levelHash = "e1e109444bf5d7ae3d67b816538613e64f7d0f51c432a164efc8418513711b0a";
+	// private static String levelResult = ""; //Stored in vulnerable DB. Not user Specific
 	/**
 	 * This function is used to make a call to a database and process its results. The call made to the database is secured using an insufficient privilege. 
 	 * Players must overcome this filter to complete the module
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection3.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection3.java
index 05d58df3e..0f3111005 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection3.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection3.java
@@ -50,8 +50,8 @@ public class SqlInjection3 extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjection3.class);
 	private static String levelName = "SQL Injection Challenge Three";
-	private static String levelHash = "b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6";
-	private static String levelResult = ""; // Stored in Vulnerable DB. Not User Specific
+	public static String levelHash = "b7327828a90da59df54b27499c0dc2e875344035e38608fcfb7c1ab8924923f6";
+	// private static String levelResult = ""; // Stored in Vulnerable DB. Not User Specific
 	/**
 	 * Users have to use SQL injection to get a specific users credit card number. The query they are injecting into by default only outputs usernames.
 	 * The input they enter is also been filtered.
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection4.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection4.java
index d4869903a..690a67937 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection4.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection4.java
@@ -51,7 +51,7 @@ public class SqlInjection4 extends HttpServlet
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjection4.class);
 	private static String levelName = "SqlInjection4";
 	private static String levelResult = "d316e80045d50bdf8ed49d48f130b4acf4a878c82faef34daff8eb1b98763b6f"; 
-	private static String levelHash = "1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629";
+	public static String levelHash = "1feccf2205b4c5ddf743630b46aece3784d61adc56498f7603ccd7cb8ae92629";
 	/**
 	 * Users have to defeat SQL injection that blocks single quotes.
 	 * The input they enter is also been filtered.
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5.java
index 1d316d729..eb2ba7aa3 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5.java
@@ -45,13 +45,11 @@
 public class SqlInjection5 extends HttpServlet
 {
 	private static final String levelName = "SQLi C5 Shop";
-	private static String levelHash = "8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62";
+	public static String levelHash = "8edf0a8ed891e6fef1b650935a6c46b03379a0eebab36afcd1d9076f65d4ce62";
 	private static String levelSolution = "343f2e424d5d7a2eff7f9ee5a5a72fd97d5a19ef7bff3ef2953e033ea32dd7ee";
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjection5.class);
-	/**
-	 * //TODO - JavaDoc
-	 */
+	
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
 	{
@@ -61,7 +59,6 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		
 		//Translation Stuff
 		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
 		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.sqli.sqli5", locale);
 		if(Validate.validateSession(ses))
 		{
@@ -145,8 +142,8 @@ else if (coupons.getInt(1) == 4) // NotBad
 				
 				//Output Order
 				htmlOutput = "<h3>" + bundle.getString("response.orderComplete")+ "</h3>"
-						+ "" + bundle.getString("response.response.orderComplete.p1")+ "<br/><br/>"
-						+ "" + bundle.getString("response.response.orderComplete.p2")+ "<a><strong>$" + finalCost + "</strong></a>";
+						+ "" + bundle.getString("response.orderComplete.p1")+ "<br/><br/>"
+						+ "" + bundle.getString("response.orderComplete.p2")+ "<a><strong>$" + finalCost + "</strong></a>";
 				if (trollAmount > 0 && trollCost == 0)
 				{
 					htmlOutput += "<br><br>" + bundle.getString("response.trollsFreeSolution")+ "<a><b>" + encoder.encodeForHTML(levelSolution) + "</b></a>";
@@ -155,7 +152,7 @@ else if (coupons.getInt(1) == 4) // NotBad
 			catch(Exception e)
 			{
 				log.debug("Didn't complete order: " + e.toString());
-				htmlOutput += "<p>" + bundle.getString("response.response.orderFailed")+ "</p>";
+				htmlOutput += "<p>" + bundle.getString("response.orderFailed")+ "</p>";
 			}
 			try
 			{
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5CouponCheck.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5CouponCheck.java
index da9090669..a9d93b822 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5CouponCheck.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5CouponCheck.java
@@ -25,8 +25,22 @@
 /**
  * Level : SQL Injection Challenge 5
  * <br><br>
+ * This file is part of the Security Shepherd Project.
  * 
- * @author mark
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.<br/>
+ * 
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.<br/>
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
+ * 
+ * @author Mark Denihan
  *
  */
 public class SqlInjection5CouponCheck extends HttpServlet
@@ -47,7 +61,6 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		
 		//Translation Stuff
 		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
 		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.sqli.sqli5", locale);
 		if(Validate.validateSession(ses))
 		{
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5VipCheck.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5VipCheck.java
index d211fda30..3d05493c2 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5VipCheck.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection5VipCheck.java
@@ -48,9 +48,7 @@ public class SqlInjection5VipCheck extends HttpServlet
 	private static final String levelName = "SQLi C5 VIPCouponCheck";
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjection5VipCheck.class);
-	/**
-	 * //TODO - JavaDoc
-	 */
+	
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
 	{
@@ -60,7 +58,6 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		
 		//Translation Stuff
 		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
 		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.sqli.sqli5", locale);
 		if(Validate.validateSession(ses))
 		{
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection6.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection6.java
index 21d9d887c..c90365ead 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection6.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection6.java
@@ -46,12 +46,14 @@
 public class SqlInjection6 extends HttpServlet
 {
 	private static final String levelName = "SQLi C6";
-	private static String levelSolution = "17f999a8b3fbfde54124d6e94b256a264652e5087b14622e1644c884f8a33f82";
-	private static String levelHash = "d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2";
+	// private static String levelSolution = "17f999a8b3fbfde54124d6e94b256a264652e5087b14622e1644c884f8a33f82";
+	public static String levelHash = "d0e12e91dafdba4825b261ad5221aae15d28c36c7981222eb59f7fc8d8f212a2";
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjection6.class);
 	/**
-	 * //TODO - JavaDoc
+	 * This controller makes an insecure call to a MySQL interpreter. 
+	 * User Input is first filtered for UTF-8 attacks and afterwards is decoded from \xHEX format to UTF-8 before sent to the interpreter
+	 * 
 	 */
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
@@ -62,7 +64,6 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		
 		//Translation Stuff
 		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
 		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.sqli.sqli6", locale);
 		if(Validate.validateSession(ses))
 		{
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection7.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection7.java
index 6e0914858..480eb9915 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection7.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjection7.java
@@ -15,7 +15,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.omg.CORBA.UserException;
 import org.owasp.esapi.ESAPI;
 import org.owasp.esapi.Encoder;
 
@@ -61,7 +60,6 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 		
 		//Translation Stuff
 		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
 		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.sqli.sqli7", locale);
 		if(Validate.validateSession(ses))
 		{
@@ -91,7 +89,7 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 						if(users.next())
 						{
 							htmlOutput = "<h3>" + bundle.getString("response.welcome")+ " " + encoder.encodeForHTML(users.getString(1)) + "</h3>"
-									+ "<p>" + bundle.getString("response.resultKey")+ "" + encoder.encodeForHTML(Hash.generateUserSolution(Getter.getModuleResultFromHash(applicationRoot, levelHash), (String)ses.getAttribute("userName"))) + "</p>";
+									+ "<p>" + bundle.getString("response.resultKey")+ "" + Hash.generateUserSolution(Getter.getModuleResultFromHash(applicationRoot, levelHash), (String)ses.getAttribute("userName")) + "</p>";
 						}
 						else
 						{
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionEmail.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionEmail.java
index 9f42acf2d..bc1166b6b 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionEmail.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionEmail.java
@@ -49,8 +49,8 @@ public class SqlInjectionEmail extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjectionEmail.class);
 	private static String levelName = "SQL Injection Challenge Two";
-	private static String levelHash = "ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b";
-	private static String levelResult = ""; // Stored in Vulnerable DB. Not user Specific
+	public static String levelHash = "ffd39cb26727f34cbf9fce3e82b9d703404e99cdef54d2aa745f497abe070b";
+	// private static String levelResult = ""; // Stored in Vulnerable DB. Not user Specific
 	/**
 	 * This function is used to make a call to a database and process its results. The call made to the database is secured using an insufficient privilege. 
 	 * Players must overcome this filter to complete the module
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionEscaping.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionEscaping.java
index ec9c6726c..29e96b8a0 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionEscaping.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionEscaping.java
@@ -20,7 +20,6 @@
 import org.owasp.esapi.Encoder;
 
 import utils.ShepherdLogManager;
-import utils.SqlFilter;
 import utils.Validate;
 import dbProcs.Database;
 
@@ -50,11 +49,10 @@ public class SqlInjectionEscaping extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjectionEscaping.class);
 	private static String levelName = "SQL Injection Escaping Challenge";
-	private static String levelHash = "8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4";
-	private static String levelResult = ""; //Stored in vulnerable DB. Not user Specific
+	public static String levelHash = "8c3c35c30cdbbb73b7be3a4f8587aa9d88044dc43e248984a252c6e861f673d4";
+	//private static String levelResult = ""; //Stored in vulnerable DB. Not user Specific
 	/**
-	 * TODO: JavaDoc
-	 * @param aUserId Used to filter database results
+	 * This SQL Injection Module Class uses a poor escaping method to sanitise user data being sent to a MySQL interpreter
 	 */
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionStoredProcedure.java b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionStoredProcedure.java
index f7b48dda6..f60e68b56 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionStoredProcedure.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/SqlInjectionStoredProcedure.java
@@ -49,8 +49,8 @@ public class SqlInjectionStoredProcedure extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjectionStoredProcedure.class);
 	private static String levelName = "SQL Injection Stored Procedure Challenge";
-	private static String levelHash = "7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7";
-	private static String levelResult = ""; // Stored in Vulnerable DB. Not user Specific
+	public static String levelHash = "7edcbc1418f11347167dabb69fcb54137960405da2f7a90a0684f86c4d45a2e7";
+	// private static String levelResult = ""; // Stored in Vulnerable DB. Not user Specific
 	
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
 	throws ServletException, IOException
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/UrlAccess3UserList.java b/SecurityShepherdCore/src/servlets/module/challenge/UrlAccess3UserList.java
index 04da090bd..4e42b5b32 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/UrlAccess3UserList.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/UrlAccess3UserList.java
@@ -51,7 +51,6 @@
  */
 public class UrlAccess3UserList extends HttpServlet
 {
-	//Sql Challenge 4
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(UrlAccess3UserList.class);
 	private static String levelName = "URL Access 3 (UserList)";
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeFive.java b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeFive.java
index d2f0806e1..fb6e20d9e 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeFive.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeFive.java
@@ -13,8 +13,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import dbProcs.Getter;
 import utils.FindXSS;
@@ -88,16 +86,14 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					boolean xssDetected = FindXSS.search(userPost);
 					if(xssDetected)
 					{
-						Encoder encoder = ESAPI.encoder();
 						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
 								"<p>" + bundle.getString("result.youDidIt") + "<br />" +
 								bundle.getString("result.resultKey") + " <a>" +
-								encoder.encodeForHTML(
-										Hash.generateUserSolution(
-												Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash),
-											(String)ses.getAttribute("userName")
-										)
-								) + "</a>";
+									Hash.generateUserSolution(
+											Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash),
+										(String)ses.getAttribute("userName")
+									)
+								+ "</a>";
 					}
 					log.debug("Adding searchTerm to Html: " + searchTerm);
 					htmlOutput += "<h2 class='title'>" + bundle.getString("response.yourPost") + "</h2>" +
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeFour.java b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeFour.java
index 08d005d1e..9e2d5a72a 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeFour.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeFour.java
@@ -13,8 +13,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import dbProcs.Getter;
 import utils.FindXSS;
@@ -94,16 +92,14 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 						log.debug("After Encoding - " + searchTerm);
 						if(FindXSS.search(userPost))
 						{
-							Encoder encoder = ESAPI.encoder();
 							htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
 									"<p>" + bundle.getString("result.youDidIt") + "<br />" +
 									bundle.getString("result.resultKey") + " <a>" +
-									encoder.encodeForHTML(
-											Hash.generateUserSolution(
-													Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash),
-												(String)ses.getAttribute("userName")
-											)
-									) + "</a>";
+										Hash.generateUserSolution(
+												Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash),
+											(String)ses.getAttribute("userName")
+										)
+									+ "</a>";
 						}
 					}
 					log.debug("Adding searchTerm to Html: " + searchTerm);
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeOne.java b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeOne.java
index 44bd59c7f..8913e7bab 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeOne.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeOne.java
@@ -13,8 +13,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import dbProcs.Getter;
 import utils.FindXSS;
@@ -85,16 +83,14 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					String htmlOutput = new String();
 					if(FindXSS.search(searchTerm))
 					{
-						Encoder encoder = ESAPI.encoder();
 						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
 								"<p>" + bundle.getString("result.youDidIt") + "<br />" +
 								bundle.getString("result.resultKey") + " <a>" +
-								encoder.encodeForHTML(
-										Hash.generateUserSolution(
-												Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash
-												), (String)ses.getAttribute("userName")
-										)
-								) +
+									Hash.generateUserSolution(
+											Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash
+											), (String)ses.getAttribute("userName")
+									)
+								+
 								"</a>";
 					}
 					log.debug("Adding searchTerm to Html: " + searchTerm);
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeSix.java b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeSix.java
index 920b934d8..ecbf42226 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeSix.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeSix.java
@@ -13,8 +13,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import dbProcs.Getter;
 import utils.FindXSS;
@@ -88,16 +86,14 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					boolean xssDetected = FindXSS.search(userPost);
 					if(xssDetected)
 					{
-						Encoder encoder = ESAPI.encoder();
 						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
 								"<p>" + bundle.getString("result.youDidIt") + "<br />" +
 								bundle.getString("result.resultKey") + " <a>" +
-								encoder.encodeForHTML(
-										Hash.generateUserSolution(
-												Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash),
-											(String)ses.getAttribute("userName")
-										)
-								) + "</a>";
+									Hash.generateUserSolution(
+											Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash),
+										(String)ses.getAttribute("userName")
+									)
+								 + "</a>";
 					}
 					log.debug("Adding searchTerm to Html: " + searchTerm);
 					htmlOutput += "<h2 class='title'>" + bundle.getString("response.yourPost") + "</h2>" +
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeThree.java b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeThree.java
index e9cabb117..6706c9d46 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeThree.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeThree.java
@@ -13,8 +13,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import dbProcs.Getter;
 import utils.FindXSS;
@@ -85,16 +83,14 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					String htmlOutput = new String();
 					if(FindXSS.search(searchTerm))
 					{
-						Encoder encoder = ESAPI.encoder();
 						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
 								"<p>" + bundle.getString("result.youDidIt") + "<br />" +
 								bundle.getString("result.resultKey") + " <a>" +
-								encoder.encodeForHTML(
-										Hash.generateUserSolution(
-												Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash
-												), (String)ses.getAttribute("userName")
-										)
-								) +
+									Hash.generateUserSolution(
+											Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash
+											), (String)ses.getAttribute("userName")
+									)
+								 +
 								"</a>";
 					}
 					log.debug("Adding searchTerm to Html: " + searchTerm);
diff --git a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeTwo.java b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeTwo.java
index a77d0318d..4818fdecf 100644
--- a/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeTwo.java
+++ b/SecurityShepherdCore/src/servlets/module/challenge/XssChallengeTwo.java
@@ -13,8 +13,6 @@
 import javax.servlet.http.HttpSession;
 
 import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
 
 import dbProcs.Getter;
 import utils.FindXSS;
@@ -85,16 +83,14 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 					String htmlOutput = new String();
 					if(FindXSS.search(searchTerm))
 					{
-						Encoder encoder = ESAPI.encoder();
 						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
 								"<p>" + bundle.getString("result.youDidIt") + "<br />" +
 								bundle.getString("result.resultKey") + " <a>" +
-								encoder.encodeForHTML(
-										Hash.generateUserSolution(
-												Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash
-												), (String)ses.getAttribute("userName")
-										)
-								) +
+									Hash.generateUserSolution(
+											Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash
+											), (String)ses.getAttribute("userName")
+									)
+								 +
 								"</a>";
 						log.debug(levelName + " completed");
 					}
diff --git a/SecurityShepherdCore/src/servlets/module/lesson/CsrfLesson.java b/SecurityShepherdCore/src/servlets/module/lesson/CsrfLesson.java
index 496734ddf..ec3a98a3e 100644
--- a/SecurityShepherdCore/src/servlets/module/lesson/CsrfLesson.java
+++ b/SecurityShepherdCore/src/servlets/module/lesson/CsrfLesson.java
@@ -93,12 +93,11 @@ public void doPost (HttpServletRequest request, HttpServletResponse response)
 						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
 								bundle.getString("result.youDidIt") + "<br />" +
 								bundle.getString("result.theKeyIs") + " <a>" + 
-								encoder.encodeForHTML(
-										Hash.generateUserSolution(
-												Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash
-												), (String)ses.getAttribute("userName")
-										)
-								) +
+									Hash.generateUserSolution(
+											Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash
+											), (String)ses.getAttribute("userName")
+									)
+								+
 								"</a>";
 					}
 					log.debug("Adding searchTerm to Html: " + messageForAdmin);
diff --git a/SecurityShepherdCore/src/servlets/module/lesson/DirectObjectLesson.java b/SecurityShepherdCore/src/servlets/module/lesson/DirectObjectLesson.java
index c5e982dbf..e0cdd45c6 100644
--- a/SecurityShepherdCore/src/servlets/module/lesson/DirectObjectLesson.java
+++ b/SecurityShepherdCore/src/servlets/module/lesson/DirectObjectLesson.java
@@ -44,7 +44,7 @@ public class DirectObjectLesson extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(DirectObjectLesson.class);
 	private static String levelName = "Insecure Direct Object Lesson";
-	private static String levelhash = "fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100";
+	public static String levelhash = "fdb94122d0f032821019c7edf09dc62ea21e25ca619ed9107bcc50e4a8dbc100";
 	private static String levelResult = "59e571b1e59441e76e0c85e5b49";
 	/**
 	 * System users are insecurely directed by their user name in a post request parameter. Users can abuse this to retrieve an administrator's information.
diff --git a/SecurityShepherdCore/src/servlets/module/lesson/PoorValidationLesson.java b/SecurityShepherdCore/src/servlets/module/lesson/PoorValidationLesson.java
index 76d01c5a1..40fa062ed 100644
--- a/SecurityShepherdCore/src/servlets/module/lesson/PoorValidationLesson.java
+++ b/SecurityShepherdCore/src/servlets/module/lesson/PoorValidationLesson.java
@@ -42,7 +42,7 @@ public class PoorValidationLesson extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(PoorValidationLesson.class);
 	private static String levelName = "Poor Validation Lesson";
-	private static String levelhash = "4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f";
+	public static String levelhash = "4d8d50a458ca5f1f7e2506dd5557ae1f7da21282795d0ed86c55fefe41eb874f";
 	private static String levelResult = "6680b08b175c9f3d521764b41349fcbd3c0ad0a76655a10d42372ebccdfdb4bb";
 	/**
 	 * Data is only validated on the client side. No Server Side Validation is Performed
diff --git a/SecurityShepherdCore/src/servlets/module/lesson/Redirect.java b/SecurityShepherdCore/src/servlets/module/lesson/Redirect.java
index 9d652b73a..15ec3a563 100644
--- a/SecurityShepherdCore/src/servlets/module/lesson/Redirect.java
+++ b/SecurityShepherdCore/src/servlets/module/lesson/Redirect.java
@@ -66,7 +66,6 @@ public void doGet (HttpServletRequest request, HttpServletResponse response)
 				log.debug("Current User: " + ses.getAttribute("userName").toString());
 				try
 				{
-					String redirectString = request.getParameter("to");
 					out.write(bundle.getString("target.example") + "...");
 					//No actual redirecting
 				}
diff --git a/SecurityShepherdCore/src/servlets/module/lesson/SecurityMisconfigLesson.java b/SecurityShepherdCore/src/servlets/module/lesson/SecurityMisconfigLesson.java
index 75a8d93ef..926622660 100644
--- a/SecurityShepherdCore/src/servlets/module/lesson/SecurityMisconfigLesson.java
+++ b/SecurityShepherdCore/src/servlets/module/lesson/SecurityMisconfigLesson.java
@@ -44,7 +44,7 @@ public class SecurityMisconfigLesson extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SecurityMisconfigLesson.class);
 	private static String levelName = "Security Misconfig Lesson";
-	private static String levelhash = "fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833";
+	public static String levelhash = "fe04648f43cdf2d523ecf1675f1ade2cde04a7a2e9a7f1a80dbb6dc9f717c833";
 	private static String levelResult = "55b34717d014a5a355f6eced4386878fab0b2793e1d1dbfd23e6262cd510ea96";
 	
 	public void doPost (HttpServletRequest request, HttpServletResponse response) 
diff --git a/SecurityShepherdCore/src/servlets/module/lesson/SessionManagementLesson.java b/SecurityShepherdCore/src/servlets/module/lesson/SessionManagementLesson.java
index 17f8930fe..08f58debf 100644
--- a/SecurityShepherdCore/src/servlets/module/lesson/SessionManagementLesson.java
+++ b/SecurityShepherdCore/src/servlets/module/lesson/SessionManagementLesson.java
@@ -43,7 +43,7 @@ public class SessionManagementLesson extends HttpServlet
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SessionManagementLesson.class);
 	private static String levelName = "Session Management Lesson";
-	private static String levelHash = "b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806";
+	public static String levelHash = "b8c19efd1a7cc64301f239f9b9a7a32410a0808138bbefc98986030f9ea83806";
 	private static String levelResult = "6594dec9ff7c4e60d9f8945ca0d4";
 	/**
 	 * Controller is tracking the user completion through the "lessonComplete" cookie. If this cookie is changed the user can complete the level
diff --git a/SecurityShepherdCore/src/servlets/module/lesson/SqlInjectionLesson.java b/SecurityShepherdCore/src/servlets/module/lesson/SqlInjectionLesson.java
index 22683c6b6..d0840e7d3 100644
--- a/SecurityShepherdCore/src/servlets/module/lesson/SqlInjectionLesson.java
+++ b/SecurityShepherdCore/src/servlets/module/lesson/SqlInjectionLesson.java
@@ -49,8 +49,8 @@ public class SqlInjectionLesson
 	private static final long serialVersionUID = 1L;
 	private static org.apache.log4j.Logger log = Logger.getLogger(SqlInjectionLesson.class);
 	private static String levelName = "SQL Injection Lesson";
-	private static String levelHash = "e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594";
-	private static String levelResult = ""; // Stored in Vulnerable DB. Not User Specific
+	public static String levelHash = "e881086d4d8eb2604d8093d93ae60986af8119c4f643894775433dbfb6faa594";
+	// private static String levelResult = ""; // Stored in Vulnerable DB. Not User Specific
 	/**
 	 * Uses user input in an insecure fashion when executing queries in database. Vulnerable to SQL injection.
 	 * @param aUserName User submitted filter for database results
diff --git a/SecurityShepherdCore/src/servlets/module/lesson/UnvalidatedForwardsLesson.java b/SecurityShepherdCore/src/servlets/module/lesson/UnvalidatedForwardsLesson.java
index f17049f5e..b2967635f 100644
--- a/SecurityShepherdCore/src/servlets/module/lesson/UnvalidatedForwardsLesson.java
+++ b/SecurityShepherdCore/src/servlets/module/lesson/UnvalidatedForwardsLesson.java
@@ -1,167 +1,164 @@
-package servlets.module.lesson;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.net.MalformedURLException;
-import java.net.URL;
-import java.util.Locale;
-import java.util.ResourceBundle;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
-
-import utils.FindXSS;
-import utils.Hash;
-import utils.ShepherdLogManager;
-import utils.Validate;
-import dbProcs.Getter;
-/**
- * Unvalidated Redirects and Forwards Lesson
- * <br/><br/>
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- * @author Mark Denihan
- *
- */
-public class UnvalidatedForwardsLesson extends HttpServlet
-{
-	private static final long serialVersionUID = 1L;
-	private static org.apache.log4j.Logger log = Logger.getLogger(UnvalidatedForwardsLesson.class);
-	private static String levelName = "Unvalidated Redirects and Forwards Lesson";
-	private static String levelHash = "f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f";
-	
-	/**
-	 * User submission is parsed for a valid URL. This is then used to construct a URL object. This URL object is then checked to ensure a valid attack
-	 * @param tempId User's session stored temporary id
-	 * @param messageForAdmin Users lesson submission
-	 */
-	public void doPost (HttpServletRequest request, HttpServletResponse response) 
-	throws ServletException, IOException
-	{
-		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
-		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
-		log.debug(levelName +" Servlet Accessed");
-		PrintWriter out = response.getWriter();  
-		out.print(getServletInfo());
-		Encoder encoder = ESAPI.encoder();
-
-		//Translation Stuff
-		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
-		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.lessons.unvalidatedRedirect", locale);
-		
-		try
-		{
-			HttpSession ses = request.getSession(true);
-			if(Validate.validateSession(ses))
-			{
-				ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
-				log.debug("Current User: " + ses.getAttribute("userName").toString());
-				Cookie tokenCookie = Validate.getToken(request.getCookies());
-				Object tokenParmeter = request.getParameter("csrfToken");
-				if(Validate.validateTokens(tokenCookie, tokenParmeter))
-				{
-					String tempId = (String) ses.getAttribute("tempId");
-					log.debug("tempId = " + tempId);
-					String userName = (String) ses.getAttribute("userName");
-					String messageForAdmin = request.getParameter("messageForAdmin").toLowerCase();
-					log.debug("User Submitted - " + messageForAdmin);
-					String htmlOutput = new String();
-					boolean validUrl = true;
-					boolean validSolution = false;
-					boolean validAttack = false;
-					try
-					{
-						URL csrfUrl = new URL(messageForAdmin);
-						log.debug("Url Host: " + csrfUrl.getHost());
-						log.debug("Url Port: " + csrfUrl.getPort());
-						log.debug("Url Path: " + csrfUrl.getPath());
-						log.debug("Url Query: " + csrfUrl.getQuery());
-						validSolution = csrfUrl.getPath().toLowerCase().equalsIgnoreCase("/user/redirect");
-						if(!validSolution)
-							log.debug("Invalid Solution: Bad Path or Above");
-						validSolution = csrfUrl.getQuery().toLowerCase().startsWith(("to=").toLowerCase()) && validSolution;
-						if(!validSolution)
-							log.debug("Invalid Solution: Bad Query or Above");
-						if(validSolution)
-						{
-							log.debug("Redirect URL Correct: Now checking the Redirected URL for valid CSRF Attack");
-							int csrfStart = 0;
-							int csrfEnd = 0;
-							csrfStart = csrfUrl.getQuery().indexOf("to=") + 3;
-							csrfEnd = csrfUrl.getQuery().indexOf("&");
-							if(csrfEnd == -1)
-							{
-								csrfEnd = csrfUrl.getQuery().length();
-							}
-							String csrfAttack = csrfUrl.getQuery().substring(csrfStart, csrfEnd);
-							log.debug("csrfAttack Found to be: " + csrfAttack);
-							validAttack = FindXSS.findCsrfAttackUrl(csrfAttack, "/root/grantComplete/unvalidatedredirectlesson", "userId", tempId);
-						}
-					}
-					catch(MalformedURLException e)
-					{
-						log.error("Invalid URL: " + e.toString());
-						validUrl = false;
-						validSolution = false;
-						validAttack = false;
-						messageForAdmin = "";
-						htmlOutput="Invalid URL";
-					}				
-					
-					if(validSolution && validAttack)
-					{
-						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
-								"<p>" + bundle.getString("result.youDidIt") + "<br />" +
-								bundle.getString("result.resultKey") + " <a>" +
-								encoder.encodeForHTML(
-										Hash.generateUserSolution(
-												Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash
-												), (String)ses.getAttribute("userName")
-										)
-								) +
-								"</a>";
-					}
-					if(validUrl)
-					{
-						log.debug("Adding message to Html: " + messageForAdmin);
-						htmlOutput += "<h2 class='title'>" + bundle.getString("response.messageSent") + "</h2>" +
-							"<p><table><tr><td>" + bundle.getString("response.sentTo") + ": </td><td>administrator@SecurityShepherd.com</td></tr>" +
-							"<tr><td>" + bundle.getString("response.message") + ": </td><td><a href='" +
-							encoder.encodeForHTMLAttribute(messageForAdmin) +
-							"'>" + encoder.encodeForHTML("" + bundle.getString("response.linkFrom") + " " + userName) +
-							"</a></td></tr></table></p>";
-					}
-					log.debug("Outputting HTML");
-					out.write(htmlOutput);
-				}
-			}
-		}
-		catch(Exception e)
-		{
-			out.write(errors.getString("error.funky"));
-			log.fatal(levelName + " - " + e.toString());
-		}
-		log.debug("End of " + levelName + " Servlet");
-	}
-}
+package servlets.module.lesson;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.util.Locale;
+import java.util.ResourceBundle;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.log4j.Logger;
+import org.owasp.esapi.ESAPI;
+import org.owasp.esapi.Encoder;
+
+import utils.FindXSS;
+import utils.Hash;
+import utils.ShepherdLogManager;
+import utils.Validate;
+import dbProcs.Getter;
+/**
+ * Unvalidated Redirects and Forwards Lesson
+ * <br/><br/>
+ * This file is part of the Security Shepherd Project.
+ * 
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.<br/>
+ * 
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.<br/>
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
+ * @author Mark Denihan
+ *
+ */
+public class UnvalidatedForwardsLesson extends HttpServlet
+{
+	private static final long serialVersionUID = 1L;
+	private static org.apache.log4j.Logger log = Logger.getLogger(UnvalidatedForwardsLesson.class);
+	private static String levelName = "Unvalidated Redirects and Forwards Lesson";
+	private static String levelHash = "f15f2766c971e16e68aa26043e6016a0a7f6879283c873d9476a8e7e94ea736f";
+	
+	/**
+	 * User submission is parsed for a valid URL. This is then used to construct a URL object. This URL object is then checked to ensure a valid attack
+	 * @param tempId User's session stored temporary id
+	 * @param messageForAdmin Users lesson submission
+	 */
+	public void doPost (HttpServletRequest request, HttpServletResponse response) 
+	throws ServletException, IOException
+	{
+		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
+		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
+		log.debug(levelName +" Servlet Accessed");
+		PrintWriter out = response.getWriter();  
+		out.print(getServletInfo());
+		Encoder encoder = ESAPI.encoder();
+
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.lessons.unvalidatedRedirect", locale);
+		
+		try
+		{
+			HttpSession ses = request.getSession(true);
+			if(Validate.validateSession(ses))
+			{
+				ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
+				log.debug("Current User: " + ses.getAttribute("userName").toString());
+				Cookie tokenCookie = Validate.getToken(request.getCookies());
+				Object tokenParmeter = request.getParameter("csrfToken");
+				if(Validate.validateTokens(tokenCookie, tokenParmeter))
+				{
+					String tempId = (String) ses.getAttribute("tempId");
+					log.debug("tempId = " + tempId);
+					String userName = (String) ses.getAttribute("userName");
+					String messageForAdmin = request.getParameter("messageForAdmin").toLowerCase();
+					log.debug("User Submitted - " + messageForAdmin);
+					String htmlOutput = new String();
+					boolean validUrl = true;
+					boolean validSolution = false;
+					boolean validAttack = false;
+					try
+					{
+						URL csrfUrl = new URL(messageForAdmin);
+						log.debug("Url Host: " + csrfUrl.getHost());
+						log.debug("Url Port: " + csrfUrl.getPort());
+						log.debug("Url Path: " + csrfUrl.getPath());
+						log.debug("Url Query: " + csrfUrl.getQuery());
+						validSolution = csrfUrl.getPath().toLowerCase().equalsIgnoreCase("/user/redirect");
+						if(!validSolution)
+							log.debug("Invalid Solution: Bad Path or Above");
+						validSolution = csrfUrl.getQuery().toLowerCase().startsWith(("to=").toLowerCase()) && validSolution;
+						if(!validSolution)
+							log.debug("Invalid Solution: Bad Query or Above");
+						if(validSolution)
+						{
+							log.debug("Redirect URL Correct: Now checking the Redirected URL for valid CSRF Attack");
+							int csrfStart = 0;
+							int csrfEnd = 0;
+							csrfStart = csrfUrl.getQuery().indexOf("to=") + 3;
+							csrfEnd = csrfUrl.getQuery().indexOf("&");
+							if(csrfEnd == -1)
+							{
+								csrfEnd = csrfUrl.getQuery().length();
+							}
+							String csrfAttack = csrfUrl.getQuery().substring(csrfStart, csrfEnd);
+							log.debug("csrfAttack Found to be: " + csrfAttack);
+							validAttack = FindXSS.findCsrfAttackUrl(csrfAttack, "/root/grantComplete/unvalidatedredirectlesson", "userId", tempId);
+						}
+					}
+					catch(MalformedURLException e)
+					{
+						log.error("Invalid URL: " + e.toString());
+						validUrl = false;
+						validSolution = false;
+						validAttack = false;
+						messageForAdmin = "";
+						htmlOutput="Invalid URL";
+					}				
+					
+					if(validSolution && validAttack)
+					{
+						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
+								"<p>" + bundle.getString("result.youDidIt") + "<br />" +
+								bundle.getString("result.resultKey") + " <a>" +
+									Hash.generateUserSolution(
+											Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash), 
+											(String)ses.getAttribute("userName"))
+								+"</a>";
+					}
+					if(validUrl)
+					{
+						log.debug("Adding message to Html: " + messageForAdmin);
+						htmlOutput += "<h2 class='title'>" + bundle.getString("response.messageSent") + "</h2>" +
+							"<p><table><tr><td>" + bundle.getString("response.sentTo") + ": </td><td>administrator@SecurityShepherd.com</td></tr>" +
+							"<tr><td>" + bundle.getString("response.message") + ": </td><td><a href='" +
+							encoder.encodeForHTMLAttribute(messageForAdmin) +
+							"'>" + encoder.encodeForHTML("" + bundle.getString("response.linkFrom") + " " + userName) +
+							"</a></td></tr></table></p>";
+					}
+					log.debug("Outputting HTML");
+					out.write(htmlOutput);
+				}
+			}
+		}
+		catch(Exception e)
+		{
+			out.write(errors.getString("error.funky"));
+			log.fatal(levelName + " - " + e.toString());
+		}
+		log.debug("End of " + levelName + " Servlet");
+	}
+}
diff --git a/SecurityShepherdCore/src/servlets/module/lesson/XssLesson.java b/SecurityShepherdCore/src/servlets/module/lesson/XssLesson.java
index 315bec384..250b19d23 100644
--- a/SecurityShepherdCore/src/servlets/module/lesson/XssLesson.java
+++ b/SecurityShepherdCore/src/servlets/module/lesson/XssLesson.java
@@ -1,119 +1,112 @@
-package servlets.module.lesson;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Locale;
-import java.util.ResourceBundle;
-
-import javax.servlet.ServletException;
-import javax.servlet.http.Cookie;
-import javax.servlet.http.HttpServlet;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.apache.log4j.Logger;
-import org.owasp.esapi.ESAPI;
-import org.owasp.esapi.Encoder;
-
-import dbProcs.Getter;
-import utils.FindXSS;
-import utils.Hash;
-import utils.ShepherdLogManager;
-import utils.Validate;
-
-/**
- * Cross Site Scripting Lesson
- * <br/><br/>
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- * @author Mark Denihan
- *
- */
-public class XssLesson 
-extends HttpServlet
-{
-	private static final long serialVersionUID = 1L;
-	private static org.apache.log4j.Logger log = Logger.getLogger(XssLesson.class);
-	private static String levelName = "XSS Lesson";
-	private static String levelHash = "zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a";
-	/**
-	 * Cross Site Request Forgery safe Reflected XSS vulnerability. cannot be remotely deployed, and therefore only is executable against the person initiating the function.
-	 * @param searchTerm To be spat back out at the user
-	 */
-	public void doPost (HttpServletRequest request, HttpServletResponse response) 
-	throws ServletException, IOException
-	{
-		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
-		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
-		log.debug(levelName + " Servlet Accessed");
-		PrintWriter out = response.getWriter();  
-		out.print(getServletInfo());
-
-		//Translation Stuff
-		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
-		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
-		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.lessons.xss", locale);
-		
-		try
-		{
-			HttpSession ses = request.getSession(true);
-			if(Validate.validateSession(ses))
-			{
-				ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
-				log.debug(levelName + " accessed by: " + ses.getAttribute("userName").toString());
-				Cookie tokenCookie = Validate.getToken(request.getCookies());
-				Object tokenParmeter = request.getParameter("csrfToken");
-				if(Validate.validateTokens(tokenCookie, tokenParmeter))
-				{
-					String searchTerm = request.getParameter("searchTerm");
-					log.debug("User Submitted - " + searchTerm);
-					String htmlOutput = new String();
-					if(FindXSS.search(searchTerm))
-					{
-						String theHash = this.getClass().getSimpleName();
-						log.debug("XSS Lesson Completed!");
-						Encoder encoder = ESAPI.encoder();
-						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
-								"<p>" + bundle.getString("result.youDidIt") + "<br />" +
-								"" + bundle.getString("result.resultKey") + " <a>" +
-								encoder.encodeForHTML(
-										Hash.generateUserSolution(Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash), (String)ses.getAttribute("userName"))
-								) +
-								"</a>";
-					}
-					log.debug("Adding searchTerm to Html: " + searchTerm);
-					htmlOutput += "<h2 class='title'>" + bundle.getString("response.searchResults") + "</h2>" +
-						"<p>" + bundle.getString("response.noResults") + " '" +
-						searchTerm +
-						"'</p>";
-					log.debug("Outputting HTML");
-					out.write(htmlOutput);
-				}
-			}
-			else
-			{
-				log.error(levelName + " accessed with no session");
-				out.write(errors.getString("error.noSession"));
-			}
-		}
-		catch(Exception e)
-		{
-			out.write(errors.getString("error.funky"));
-			log.fatal(levelName + " - " + e.toString());
-		}
-		log.debug("End of " + levelName + " Servlet");
-	}
-}
+package servlets.module.lesson;
+
+import java.io.IOException;
+import java.io.PrintWriter;
+import java.util.Locale;
+import java.util.ResourceBundle;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.Cookie;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+import org.apache.log4j.Logger;
+
+import dbProcs.Getter;
+import utils.FindXSS;
+import utils.Hash;
+import utils.ShepherdLogManager;
+import utils.Validate;
+
+/**
+ * Cross Site Scripting Lesson
+ * <br/><br/>
+ * This file is part of the Security Shepherd Project.
+ * 
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.<br/>
+ * 
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.<br/>
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
+ * @author Mark Denihan
+ *
+ */
+public class XssLesson 
+extends HttpServlet
+{
+	private static final long serialVersionUID = 1L;
+	private static org.apache.log4j.Logger log = Logger.getLogger(XssLesson.class);
+	private static String levelName = "XSS Lesson";
+	private static String levelHash = "zf8ed52591579339e590e0726c7b24009f3ac54cdff1b81a65db1688d86efb3a";
+	/**
+	 * Cross Site Request Forgery safe Reflected XSS vulnerability. cannot be remotely deployed, and therefore only is executable against the person initiating the function.
+	 * @param searchTerm To be spat back out at the user
+	 */
+	public void doPost (HttpServletRequest request, HttpServletResponse response) 
+	throws ServletException, IOException
+	{
+		//Setting IpAddress To Log and taking header for original IP if forwarded from proxy
+		ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"));
+		log.debug(levelName + " Servlet Accessed");
+		PrintWriter out = response.getWriter();  
+		out.print(getServletInfo());
+
+		//Translation Stuff
+		Locale locale = new Locale(Validate.validateLanguage(request.getSession()));
+		ResourceBundle errors = ResourceBundle.getBundle("i18n.servlets.errors", locale);
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.lessons.xss", locale);
+		
+		try
+		{
+			HttpSession ses = request.getSession(true);
+			if(Validate.validateSession(ses))
+			{
+				ShepherdLogManager.setRequestIp(request.getRemoteAddr(), request.getHeader("X-Forwarded-For"), ses.getAttribute("userName").toString());
+				log.debug(levelName + " accessed by: " + ses.getAttribute("userName").toString());
+				Cookie tokenCookie = Validate.getToken(request.getCookies());
+				Object tokenParmeter = request.getParameter("csrfToken");
+				if(Validate.validateTokens(tokenCookie, tokenParmeter))
+				{
+					String searchTerm = request.getParameter("searchTerm");
+					log.debug("User Submitted - " + searchTerm);
+					String htmlOutput = new String();
+					if(FindXSS.search(searchTerm))
+					{
+						log.debug("XSS Lesson Completed!");
+						htmlOutput = "<h2 class='title'>" + bundle.getString("result.wellDone") + "</h2>" +
+								"<p>" + bundle.getString("result.youDidIt") + "<br />" +
+								"" + bundle.getString("result.resultKey") +
+								Hash.generateUserSolution(Getter.getModuleResultFromHash(getServletContext().getRealPath(""), levelHash), (String)ses.getAttribute("userName"));
+					}
+					log.debug("Adding searchTerm to Html: " + searchTerm);
+					htmlOutput += "<h2 class='title'>" + bundle.getString("response.searchResults") + "</h2>" +
+						"<p>" + bundle.getString("response.noResults") + " '" +
+						searchTerm +
+						"'</p>";
+					log.debug("Outputting HTML");
+					out.write(htmlOutput);
+				}
+			}
+			else
+			{
+				log.error(levelName + " accessed with no session");
+				out.write(errors.getString("error.noSession"));
+			}
+		}
+		catch(Exception e)
+		{
+			out.write(errors.getString("error.funky"));
+			log.fatal(levelName + " - " + e.toString());
+		}
+		log.debug("End of " + levelName + " Servlet");
+	}
+}
diff --git a/SecurityShepherdCore/src/utils/Analytics.java b/SecurityShepherdCore/src/utils/Analytics.java
index 16cf6e722..233a5fb6b 100644
--- a/SecurityShepherdCore/src/utils/Analytics.java
+++ b/SecurityShepherdCore/src/utils/Analytics.java
@@ -1,5 +1,8 @@
 package utils;
 
+import java.util.Locale;
+import java.util.ResourceBundle;
+
 /**
  * Manages What Google Analytics is used by the Shepherd instance. If Any
  * @author Mark Denihan
@@ -20,22 +23,20 @@ public class Analytics
 		"</script>";
 	public static String sourceForgeMobileVmLinkBlurb = new String(""
 			+ "To complete this challenge you'll need to use the <a href='http://bit.ly/mobileShepherdVm'>Security Shepherd Android Virtual Machine</a> that contains the app. ");
-	private static String mobileVmLinkBlurb1 = new String("To complete this challenge you'll need to use the ");
-	private static String mobileVmLinkBlurb2 = new String(" app found in the <a href='http://bit.ly/mobileShepherdVm' target='_blank'>Security Shepherd Android Virtual Machine</a>.");
-	public static String sponsorshipMessage = new String("<h2 class=\"title\">Project Sponsors</h2>" +
+	public static String sponsorshipMessage(Locale locale)
+	{
+		//Get Language Bundle
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.text", locale);
+		return new String("<h2 class=\"title\">" + bundle.getString("sponsorship.title") + "</h2>" +
 			"<p>" +
-			"The OWASP Security Shepherd project would like to acknowledge and thank the generous support of our sponsors. Please check out their web pages and follow them on twitter." +
+			bundle.getString("sponsorship.message.1") +
 			"<br/><br/>" +
 			"<a href=\"http://bit.ly/BccRiskAdvisorySite\"><img src=\"css/images/bccRiskAdvisorySmallLogo.jpg\" alt=\"BCC Risk Advisory\"/></a>" +
 			"<a href=\"http://bit.ly/EdgeScan\"><img src=\"css/images/edgescanSmallLogo.jpg\" alt=\"EdgeScan\" /></a>" +
 			"<br/>" +
 			"<a href=\"http://bit.ly/manicode\"><img src=\"css/images/manicode-logo.png\" style=\"margin-top: 5px;\"></a>" +
 			"<br/><br/>" +
-			"The OWASP Security Shepherd Project would also like to thank Dr. Anthony Keane and the ITB Security Research Lab for hosting the public https://owasp.securityShepherd.eu!" +  
-			"<br/><a href=\"http://securityresearch.ie/\"><img src=\"https://www.owasp.org/images/thumb/2/24/Fontlogo.png/300px-Fontlogo.png\"/></a></p>");	
-	
-	public static String getMobileLevelBlurb (String appName)
-	{
-		return mobileVmLinkBlurb1 + appName + mobileVmLinkBlurb2;
+			bundle.getString("sponsorship.message.2") +  
+			"<br/><a href=\"http://securityresearch.ie/\"><img src=\"https://www.owasp.org/images/thumb/2/24/Fontlogo.png/300px-Fontlogo.png\"/></a></p>");
 	}
 }
diff --git a/SecurityShepherdCore/src/utils/Hash.java b/SecurityShepherdCore/src/utils/Hash.java
index 514fc9c26..a21522dbf 100644
--- a/SecurityShepherdCore/src/utils/Hash.java
+++ b/SecurityShepherdCore/src/utils/Hash.java
@@ -1,418 +1,429 @@
-package utils;
-
-import java.math.BigInteger;
-import java.nio.charset.Charset;
-import java.security.GeneralSecurityException;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-import javax.servlet.http.Cookie;
-
-import org.apache.log4j.Logger;
-import org.apache.commons.codec.binary.Base64;
-
-/**
- * Class used for miscellaneous Hash use
- * <br/><br/>
- * This file is part of the Security Shepherd Project.
- * 
- * The Security Shepherd project is free software: you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation, either version 3 of the License, or
- * (at your option) any later version.<br/>
- * 
- * The Security Shepherd project is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- * GNU General Public License for more details.<br/>
- * 
- * You should have received a copy of the GNU General Public License
- * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
- * @author Mark Denihan
- *
- */
-public class Hash 
-{
-	private static org.apache.log4j.Logger log = Logger.getLogger(Hash.class);
-	public static String userNameKey = randomKeyLengthString();
-	private static String encryptionKeySalt = randomKeyLengthString();
-	private static String serverEncryptionKey = randomKeyLengthString();
-	
-	/**
-	 * Merges current server encryption key with user name based encryption key to create user specific key
-	 * @param userName
-	 * @return
-	 */
-	private static String createUserSpecificEncryptionKey (String userNameKey) throws Exception 
-	{
-		if(userNameKey.length() != 16)
-			throw new Exception("User Name key must be 16 bytes long");
-		else
-		{
-			byte[] serverKey = serverEncryptionKey.getBytes();
-			byte[] userKey = userNameKey.getBytes();
-			for(int i = 0; i < userKey.length; i++)
-			{
-				userKey[i] = (byte)(userKey[i] + serverKey[i]);
-			}
-			return new String(userKey, Charset.forName("US-ASCII"));
-		}
-	}
-	
-	/**
-	 * Decrypts data using specific key and ciphertext
-	 * @param key Encryption Key (Must be 16 Bytes)
-	 * @param encrypted Ciphertext to decrypt
-	 * @return Plaintext decrypted from submitted ciphertext and key
-	 * @throws GeneralSecurityException
-	 */
-	public static String decrypt(String key, String encrypted)
-	throws GeneralSecurityException 
-	{
-		byte[] raw = key.getBytes(Charset.forName("US-ASCII"));
-		if (raw.length != 16)
-		{
-			throw new IllegalArgumentException("Invalid key size.");
-		}
-		SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
-		Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
-		cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(new byte[16]));
-		byte[] original = cipher.doFinal(Base64.decodeBase64(encrypted));
-		return new String(original, Charset.forName("US-ASCII"));
-	}
-	
-	/**
-	 * Specifically decrypts encrypted user names
-	 * @param encyptedUserName Encrypted user name
-	 * @return Decrypted User name
-	 */
-	public static String decryptUserName (String encyptedUserName)
-	{
-		String decryptedUserName = new String();
-		try 
-		{
-			decryptedUserName = Hash.decrypt(Hash.userNameKey, encyptedUserName);
-			log.debug("Decrypted user-name to: " + decryptedUserName);
-		} 
-		catch (GeneralSecurityException e)
-		{
-			log.error("Could not decrypt user name: " + e.toString());
-		}
-		return decryptedUserName;
-	}
-	
-	public static String decryptUserSpecificSolution(String userNameKey, String encryptedSolution)
-	throws GeneralSecurityException, Exception 
-	{
-		try
-		{
-			String key = createUserSpecificEncryptionKey(userNameKey);
-			byte[] raw = key.getBytes(Charset.forName("US-ASCII"));
-			if (raw.length != 16)
-			{
-				throw new IllegalArgumentException("Invalid key size.");
-			}
-			SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
-			Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
-			cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(new byte[16]));
-			byte[] original = cipher.doFinal(Base64.decodeBase64(encryptedSolution));
-			return new String(original, Charset.forName("US-ASCII"));
-		}
-		catch (Exception e)
-		{
-			throw new Exception("Decryption Failure: Could not Craft User Key or Ciphertext was Bad");
-		}
-	}
-	
-	/**
-	 * Encrypts plain text into cipher text based on encryption key
-	 * @param key Encryption Key (Must be 16 Bytes)
-	 * @param value Plain text to encrypt
-	 * @return Cipher text based on plain text and key submitted
-	 * @throws GeneralSecurityException
-	 */
-	public static String encrypt(String key, String value)
-	throws GeneralSecurityException 
-	{
-		byte[] raw = key.getBytes(Charset.forName("US-ASCII"));
-		if (raw.length != 16) 
-		{
-			throw new IllegalArgumentException("Invalid key size.");
-		}
-		SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
-		Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
-		cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new byte[16]));
-		return Base64.encodeBase64String(cipher.doFinal(value.getBytes(Charset.forName("US-ASCII"))));
-	}
-	
-	/**
-	 * Generates user solution based on the user name stored in their encypted cookie
-	 * @param baseKey The stored result key for the module
-	 * @param cookies All of a users session cookies. The encrypted user name is pulled out from this array
-	 * @return User Specific Solution
-	 */
-	public static String generateUserSolution(String baseKey, Cookie[] cookies)
-	{
-		log.debug("Getting user Specific key");
-		String cookieName = "JSESSIONID3";
-		Cookie myCookie = null;
-		String toReturn = "Key Should be here! Please refresh the home page and try again!";
-		log.debug("Looking for key cookie");
-		if (cookies != null)
-		{
-			for (int i = 0; i < cookies.length; i++) 
-			{
-				log.debug("Looking at: " + cookies[i].getName() + " = " + cookies[i].getValue());
-				if (cookies[i].getName().equals(cookieName))
-				{
-					myCookie = cookies[i];
-					log.debug("Found Cookie with value: " + myCookie.getValue());
-					break;
-				}
-			}
-			try 
-			{
-				String decryptedUserName = Hash.decrypt(Hash.userNameKey, myCookie.getValue());
-				log.debug("Decrypted UserName: " + decryptedUserName);
-				String key = createUserSpecificEncryptionKey(Validate.validateEncryptionKey(decryptedUserName));
-				toReturn = Hash.encrypt(key, baseKey + getCurrentSalt());
-				log.debug("Returning: " + toReturn);
-			} 
-			catch (Exception e) 
-			{ 
-				log.error("Encryption Failure: " + e.toString());
-				toReturn = "Key Should be here! Please refresh the home page and try again!";
-			}
-		}
-		return "<b style='word-wrap: break-word;'>" + toReturn + "</b>";
-	}
-	
-	/**
-	 * Generates user specific solution based on the user name provided and server side encryption keys
-	 * @param baseKey The stored result key for the module
-	 * @param userSalt The User Specific Encryption Salt (Based on user name)
-	 * @return User Specific Solution
-	 */
-	public static String generateUserSolution(String baseKey, String userSalt)
-	{
-		log.debug("Generating key for " + userSalt);
-		String toReturn = "Key Should be here! Please refresh the home page and try again!";
-			try 
-			{
-				String key = createUserSpecificEncryptionKey(Validate.validateEncryptionKey(userSalt));
-				toReturn = Hash.encrypt(key, baseKey + getCurrentSalt());
-				log.debug("Returning: " + toReturn);
-			} 
-			catch (Exception e) 
-			{ 
-				log.error("Encrypt Failure: " + e.toString());
-				toReturn = "Key Should be here! Please refresh the home page and try again!";
-			}
-		return toReturn;
-	}
-	
-	/**
-	 * This is used when encrypting/decrypting the salt. If this is bypassed characters can be lost in encryption process.
-	 * @return
-	 */
-	public static String getCurrentSalt()
-	{
-		return Base64.encodeBase64String(encryptionKeySalt.getBytes());
-	}
-	
-	/**
-	 * Outputs a MD5 digest
-	 * @param toHash String to hash
-	 * @return Hashed String
-	 */
-	public static String md5ThisString (String toHash)
-	{
-		String hashed = null;
-		byte[] byteArray = new byte[512];
-		MessageDigest md;
-		try 
-		{
-			md = MessageDigest.getInstance("MD5");
-			log.debug("Hashing Value With " + md.getAlgorithm());
-			byteArray = toHash.getBytes();
-			md.update(byteArray);
-			byteArray = md.digest();
-		} 
-		catch (NoSuchAlgorithmException e) 
-		{
-			log.fatal("Could not Find MD5 Algorithm: " + e.toString());
-		}
-		hashed = new String(byteArray, Charset.forName("US-ASCII"));
-
-		return hashed;
-	}
-	
-	/**
-	 * Creates a psedorandom base64 string
-	 * @return Random String
-	 */
-	public static String randomBase64String() 
-	{
-		String result = new String();
-		try
-		{
-			byte byteArray[] = new byte[256];
-			SecureRandom psn1 = SecureRandom.getInstance("SHA1PRNG");
-			
-			Base64 base64 = new Base64();
-			psn1.setSeed(psn1.nextLong());
-			psn1.nextBytes(byteArray);
-			result = new String(byteArray, Charset.forName("US-ASCII"));
-			result = base64.encode(thisString(thisString(byteArray.toString())).getBytes()).toString();
-			log.debug("Generated String = " + result);
-		}
-		catch(Exception e)
-		{
-			log.error("Random Number Error : " + e.toString());
-		}
-		return result;
-	}
-	
-	public static String randomKeyLengthString()
-	{
-		String result = new String();
-		try
-		{
-			byte byteArray[] = new byte[16];
-			SecureRandom psn1 = SecureRandom.getInstance("SHA1PRNG");
-			psn1.setSeed(psn1.nextLong());
-			psn1.nextBytes(byteArray);
-			result = new String(byteArray, Charset.forName("US-ASCII"));
-			//log.debug("Generated Key = " + result);
-			if(result.length() != 16)
-			{
-				log.error("Generated Key is the incorrect Length: Shortening ");
-				result = result.substring(0, 15);
-				if(result.length() != 16)
-					log.fatal("Encryption key length is Still not Right");
-			}
-		}
-		catch(Exception e)
-		{
-			log.error("Random Number Error : " + e.toString());
-		}
-		return result;
-	}
-
-	/**
-	 * Creates a psedorandom string
-	 * @return Random String
-	 */
-	public static String randomString() 
-	{
-		String result = new String();
-		try
-		{
-			byte byteArray[] = new byte[16];
-			SecureRandom psn1 = SecureRandom.getInstance("SHA1PRNG");
-			psn1.setSeed(psn1.nextLong());
-			psn1.nextBytes(byteArray);
-			BigInteger bigInt = new BigInteger(byteArray);
-			result = bigInt.toString();
-			log.debug("Generated String = " + result);
-			
-		}
-		catch(Exception e)
-		{
-			log.error("Random Number Error : " + e.toString());
-		}
-		return result;
-	}
-	
-	/**
-	 * Generates a small psedorandom string
-	 * @return Random String
-	 */
-	public static String smallRandomString() 
-	{
-		String result = new String();
-		try
-		{
-			byte byteArray[] = new byte[4];
-			SecureRandom psn1 = SecureRandom.getInstance("SHA1PRNG");
-			psn1.setSeed(psn1.nextLong());
-			psn1.nextBytes(byteArray);
-			BigInteger bigInt = new BigInteger(byteArray);
-			result = bigInt.toString();
-			log.debug("Generated String = " + result);
-			
-		}
-		catch(Exception e)
-		{
-			log.error("Random Number Error : " + e.toString());
-		}
-		return result;
-	}
-	
-	/**
-	 * Outputs a SHA256 digest
-	 * @param toHash String to hash
-	 * @return Hashed string
-	 */
-	public static String thisString (String toHash)
-	{
-		String hashed = null;
-		byte[] byteArray = new byte[256];
-		MessageDigest md;
-		try 
-		{
-			md = MessageDigest.getInstance("SHA");
-			log.debug("Hashing Value With " + md.getAlgorithm());
-			byteArray = toHash.getBytes();
-			md.update(byteArray);
-			byteArray = md.digest();
-		} 
-		catch (NoSuchAlgorithmException e) 
-		{
-			log.fatal("Could not Find SHA Algorithm: " + e.toString());
-		}
-		hashed = new String(byteArray, Charset.forName("US-ASCII"));
-
-		return hashed;
-	}
-	
-
-	public static String validateEncryptionKey(String userSalt)
-	{
-		String newKey = new String();
-		int keySize = userSalt.length();
-		if(keySize == 16)
-		{
-			//log.debug("Key Already Valid");
-			newKey = userSalt;
-		}
-		else
-		{
-			if(keySize > 16)
-			{
-				//log.debug("Key too Long...");
-				newKey = userSalt.substring(0, 16);
-			}
-			else // Shorter than 16
-			{
-				//log.debug("Key too Short...");
-				newKey = userSalt;
-				int howManyTimes = (16 / keySize) - 1;
-				//log.debug("Repeating String " + howManyTimes + " times");
-				for(int i = 0; i < howManyTimes; i++)
-					newKey += userSalt;
-				keySize = newKey.length();
-				int toAdd = 16 - keySize;
-				//log.debug("Adding " + toAdd + " more characters");
-				newKey = newKey.concat(userSalt.substring(0, toAdd));
-			}
-		}
-		log.debug("Encryption key is '" + newKey + "'");
-		return newKey;
-	}
-	
-}
+package utils;
+
+import java.math.BigInteger;
+import java.nio.charset.Charset;
+import java.security.GeneralSecurityException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+
+import javax.crypto.Cipher;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+import javax.servlet.http.Cookie;
+
+import org.apache.log4j.Logger;
+import org.apache.commons.codec.binary.Base64;
+
+/**
+ * Class used for miscellaneous Hash use
+ * <br/><br/>
+ * This file is part of the Security Shepherd Project.
+ * 
+ * The Security Shepherd project is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.<br/>
+ * 
+ * The Security Shepherd project is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.<br/>
+ * 
+ * You should have received a copy of the GNU General Public License
+ * along with the Security Shepherd project.  If not, see <http://www.gnu.org/licenses/>. 
+ * @author Mark Denihan
+ *
+ */
+public class Hash 
+{
+	private static org.apache.log4j.Logger log = Logger.getLogger(Hash.class);
+	public static String userNameKey = randomKeyLengthString();
+	private static String encryptionKeySalt = randomKeyLengthString();
+	private static String serverEncryptionKey = randomKeyLengthString();
+	
+	/**
+	 * Merges current server encryption key with user name based encryption key to create user specific key
+	 * @param userName
+	 * @return
+	 */
+	private static String createUserSpecificEncryptionKey (String userNameKey) throws Exception 
+	{
+		if(userNameKey.length() != 16)
+			throw new Exception("User Name key must be 16 bytes long");
+		else
+		{
+			byte[] serverKey = serverEncryptionKey.getBytes();
+			byte[] userKey = userNameKey.getBytes();
+			for(int i = 0; i < userKey.length; i++)
+			{
+				userKey[i] = (byte)(userKey[i] + serverKey[i]);
+			}
+			return new String(userKey, Charset.forName("US-ASCII"));
+		}
+	}
+	
+	/**
+	 * Decrypts data using specific key and ciphertext
+	 * @param key Encryption Key (Must be 16 Bytes)
+	 * @param encrypted Ciphertext to decrypt
+	 * @return Plaintext decrypted from submitted ciphertext and key
+	 * @throws GeneralSecurityException
+	 */
+	public static String decrypt(String key, String encrypted)
+	throws GeneralSecurityException 
+	{
+		byte[] raw = key.getBytes(Charset.forName("US-ASCII"));
+		if (raw.length != 16)
+		{
+			throw new IllegalArgumentException("Invalid key size.");
+		}
+		SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+		Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+		cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(new byte[16]));
+		byte[] original = cipher.doFinal(Base64.decodeBase64(encrypted));
+		return new String(original, Charset.forName("US-ASCII"));
+	}
+	
+	/**
+	 * Specifically decrypts encrypted user names
+	 * @param encyptedUserName Encrypted user name
+	 * @return Decrypted User name
+	 */
+	public static String decryptUserName (String encyptedUserName)
+	{
+		String decryptedUserName = new String();
+		try 
+		{
+			decryptedUserName = Hash.decrypt(Hash.userNameKey, encyptedUserName);
+			log.debug("Decrypted user-name to: " + decryptedUserName);
+		} 
+		catch (GeneralSecurityException e)
+		{
+			log.error("Could not decrypt user name: " + e.toString());
+		}
+		return decryptedUserName;
+	}
+	
+	public static String decryptUserSpecificSolution(String userNameKey, String encryptedSolution)
+	throws GeneralSecurityException, Exception 
+	{
+		try
+		{
+			String key = createUserSpecificEncryptionKey(userNameKey);
+			byte[] raw = key.getBytes(Charset.forName("US-ASCII"));
+			if (raw.length != 16)
+			{
+				throw new IllegalArgumentException("Invalid key size.");
+			}
+			SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+			Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+			cipher.init(Cipher.DECRYPT_MODE, skeySpec, new IvParameterSpec(new byte[16]));
+			byte[] original = cipher.doFinal(Base64.decodeBase64(encryptedSolution));
+			return new String(original, Charset.forName("US-ASCII"));
+		}
+		catch (Exception e)
+		{
+			throw new Exception("Decryption Failure: Could not Craft User Key or Ciphertext was Bad");
+		}
+	}
+	
+	/**
+	 * Encrypts plain text into cipher text based on encryption key
+	 * @param key Encryption Key (Must be 16 Bytes)
+	 * @param value Plain text to encrypt
+	 * @return Cipher text based on plain text and key submitted
+	 * @throws GeneralSecurityException
+	 */
+	public static String encrypt(String key, String value)
+	throws GeneralSecurityException 
+	{
+		byte[] raw = key.getBytes(Charset.forName("US-ASCII"));
+		if (raw.length != 16) 
+		{
+			throw new IllegalArgumentException("Invalid key size.");
+		}
+		SecretKeySpec skeySpec = new SecretKeySpec(raw, "AES");
+		Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
+		cipher.init(Cipher.ENCRYPT_MODE, skeySpec, new IvParameterSpec(new byte[16]));
+		return Base64.encodeBase64String(cipher.doFinal(value.getBytes(Charset.forName("US-ASCII"))));
+	}
+	
+	/**
+	 * Generates user solution based on the user name stored in their encypted cookie
+	 * @param baseKey The stored result key for the module
+	 * @param cookies All of a users session cookies. The encrypted user name is pulled out from this array
+	 * @return User Specific Solution
+	 */
+	public static String generateUserSolution(String baseKey, Cookie[] cookies)
+	{
+		log.debug("Getting user Specific key");
+		String cookieName = "JSESSIONID3";
+		Cookie myCookie = null;
+		String toReturn = "Key Should be here! Please refresh the home page and try again!";
+		log.debug("Looking for key cookie");
+		if (cookies != null)
+		{
+			for (int i = 0; i < cookies.length; i++) 
+			{
+				log.debug("Looking at: " + cookies[i].getName() + " = " + cookies[i].getValue());
+				if (cookies[i].getName().equals(cookieName))
+				{
+					myCookie = cookies[i];
+					log.debug("Found Cookie with value: " + myCookie.getValue());
+					break;
+				}
+			}
+			try 
+			{
+				String decryptedUserName = Hash.decrypt(Hash.userNameKey, myCookie.getValue());
+				log.debug("Decrypted UserName: " + decryptedUserName);
+				String key = createUserSpecificEncryptionKey(Validate.validateEncryptionKey(decryptedUserName));
+				toReturn = Hash.encrypt(key, baseKey + getCurrentSalt());
+				log.debug("Returning: " + toReturn);
+			} 
+			catch (Exception e) 
+			{ 
+				log.error("Encryption Failure: " + e.toString());
+				toReturn = "Key Should be here! Please refresh the home page and try again! If that doesn't work, sign in and out again!";
+			}
+		}
+		return "<b style='word-wrap: break-word;'>" + toReturn + "</b>";
+	}
+	
+	/**
+	 * Generates user specific solution based on the user name provided and server side encryption keys
+	 * @param baseKey The stored result key for the module
+	 * @param userSalt The User Specific Encryption Salt (Based on user name)
+	 * @return User Specific Solution
+	 */
+	public static String generateUserSolution(String baseKey, String userSalt)
+	{
+		log.debug("Generating key for " + userSalt);
+		String toReturn = "Key Should be here! Please refresh the home page and try again!";
+
+			try 
+			{
+				String key = createUserSpecificEncryptionKey(Validate.validateEncryptionKey(userSalt));
+				String forLog = Hash.encrypt(key, baseKey + getCurrentSalt());
+				toReturn = "<script>prepTooltips();prepClipboardEvents();</script>"
+						+ "<div class='input-group'>" +
+								"<textarea id='theKey' rows=2 style='height: 30px; display: inline-block; float: left; padding-right: 1em; overflow: hidden; width:85%'>"+forLog+"</textarea>" +
+								"<span class='input-group-button'>" +
+									"<button class='btn' type='button' data-clipboard-shepherd data-clipboard-target='#theKey' style='height: 30px;'>" +
+										"<img src='../js/clipboard-js/clippy.svg' width='14' alt='Copy to clipboard'>" +
+									"</button>" +
+								"</span><p>&nbsp;</p>"
+						+ "</div>";
+
+				log.debug("Returning: " + forLog);
+			} 
+			catch (Exception e) 
+			{ 
+				log.error("Encrypt Failure: " + e.toString());
+				toReturn = "Key Should be here! Please refresh the home page and try again!";
+			}
+		return toReturn;
+	}
+	
+	/**
+	 * This is used when encrypting/decrypting the salt. If this is bypassed characters can be lost in encryption process.
+	 * @return
+	 */
+	public static String getCurrentSalt()
+	{
+		return Base64.encodeBase64String(encryptionKeySalt.getBytes());
+	}
+	
+	/**
+	 * Outputs a MD5 digest
+	 * @param toHash String to hash
+	 * @return Hashed String
+	 */
+	public static String md5ThisString (String toHash)
+	{
+		String hashed = null;
+		byte[] byteArray = new byte[512];
+		MessageDigest md;
+		try 
+		{
+			md = MessageDigest.getInstance("MD5");
+			log.debug("Hashing Value With " + md.getAlgorithm());
+			byteArray = toHash.getBytes();
+			md.update(byteArray);
+			byteArray = md.digest();
+		} 
+		catch (NoSuchAlgorithmException e) 
+		{
+			log.fatal("Could not Find MD5 Algorithm: " + e.toString());
+		}
+		hashed = new String(byteArray, Charset.forName("US-ASCII"));
+
+		return hashed;
+	}
+	
+	/**
+	 * Creates a psedorandom base64 string
+	 * @return Random String
+	 */
+	public static String randomBase64String() 
+	{
+		String result = new String();
+		try
+		{
+			byte byteArray[] = new byte[256];
+			SecureRandom psn1 = SecureRandom.getInstance("SHA1PRNG");
+			
+			Base64 base64 = new Base64();
+			psn1.setSeed(psn1.nextLong());
+			psn1.nextBytes(byteArray);
+			result = new String(byteArray, Charset.forName("US-ASCII"));
+			result = base64.encode(thisString(thisString(byteArray.toString())).getBytes()).toString();
+			log.debug("Generated String = " + result);
+		}
+		catch(Exception e)
+		{
+			log.error("Random Number Error : " + e.toString());
+		}
+		return result;
+	}
+	
+	public static String randomKeyLengthString()
+	{
+		String result = new String();
+		try
+		{
+			byte byteArray[] = new byte[16];
+			SecureRandom psn1 = SecureRandom.getInstance("SHA1PRNG");
+			psn1.setSeed(psn1.nextLong());
+			psn1.nextBytes(byteArray);
+			result = new String(byteArray, Charset.forName("US-ASCII"));
+			//log.debug("Generated Key = " + result);
+			if(result.length() != 16)
+			{
+				log.error("Generated Key is the incorrect Length: Shortening ");
+				result = result.substring(0, 15);
+				if(result.length() != 16)
+					log.fatal("Encryption key length is Still not Right");
+			}
+		}
+		catch(Exception e)
+		{
+			log.error("Random Number Error : " + e.toString());
+		}
+		return result;
+	}
+
+	/**
+	 * Creates a psedorandom string
+	 * @return Random String
+	 */
+	public static String randomString() 
+	{
+		String result = new String();
+		try
+		{
+			byte byteArray[] = new byte[16];
+			SecureRandom psn1 = SecureRandom.getInstance("SHA1PRNG");
+			psn1.setSeed(psn1.nextLong());
+			psn1.nextBytes(byteArray);
+			BigInteger bigInt = new BigInteger(byteArray);
+			result = bigInt.toString();
+			log.debug("Generated String = " + result);
+			
+		}
+		catch(Exception e)
+		{
+			log.error("Random Number Error : " + e.toString());
+		}
+		return result;
+	}
+	
+	/**
+	 * Generates a small psedorandom string
+	 * @return Random String
+	 */
+	public static String smallRandomString() 
+	{
+		String result = new String();
+		try
+		{
+			byte byteArray[] = new byte[4];
+			SecureRandom psn1 = SecureRandom.getInstance("SHA1PRNG");
+			psn1.setSeed(psn1.nextLong());
+			psn1.nextBytes(byteArray);
+			BigInteger bigInt = new BigInteger(byteArray);
+			result = bigInt.toString();
+			log.debug("Generated String = " + result);
+			
+		}
+		catch(Exception e)
+		{
+			log.error("Random Number Error : " + e.toString());
+		}
+		return result;
+	}
+	
+	/**
+	 * Outputs a SHA256 digest
+	 * @param toHash String to hash
+	 * @return Hashed string
+	 */
+	public static String thisString (String toHash)
+	{
+		String hashed = null;
+		byte[] byteArray = new byte[256];
+		MessageDigest md;
+		try 
+		{
+			md = MessageDigest.getInstance("SHA");
+			log.debug("Hashing Value With " + md.getAlgorithm());
+			byteArray = toHash.getBytes();
+			md.update(byteArray);
+			byteArray = md.digest();
+		} 
+		catch (NoSuchAlgorithmException e) 
+		{
+			log.fatal("Could not Find SHA Algorithm: " + e.toString());
+		}
+		hashed = new String(byteArray, Charset.forName("US-ASCII"));
+
+		return hashed;
+	}
+	
+
+	public static String validateEncryptionKey(String userSalt)
+	{
+		String newKey = new String();
+		int keySize = userSalt.length();
+		if(keySize == 16)
+		{
+			//log.debug("Key Already Valid");
+			newKey = userSalt;
+		}
+		else
+		{
+			if(keySize > 16)
+			{
+				//log.debug("Key too Long...");
+				newKey = userSalt.substring(0, 16);
+			}
+			else // Shorter than 16
+			{
+				//log.debug("Key too Short...");
+				newKey = userSalt;
+				int howManyTimes = (16 / keySize) - 1;
+				//log.debug("Repeating String " + howManyTimes + " times");
+				for(int i = 0; i < howManyTimes; i++)
+					newKey += userSalt;
+				keySize = newKey.length();
+				int toAdd = 16 - keySize;
+				//log.debug("Adding " + toAdd + " more characters");
+				newKey = newKey.concat(userSalt.substring(0, toAdd));
+			}
+		}
+		log.debug("Encryption key is '" + newKey + "'");
+		return newKey;
+	}
+	
+}
diff --git a/SecurityShepherdCore/src/utils/ScoreboardStatus.java b/SecurityShepherdCore/src/utils/ScoreboardStatus.java
index 011603ccb..9ade0de13 100644
--- a/SecurityShepherdCore/src/utils/ScoreboardStatus.java
+++ b/SecurityShepherdCore/src/utils/ScoreboardStatus.java
@@ -90,6 +90,15 @@ public static void setScoreboardClassSpecific()
 		classSpecificScoreboard = true;
 	}
 	
+	/**
+	 * Method to know if user is running a class specific scoreboard or not
+	 * @return True if class specific scoreboard is enabled. Otherwise False
+	 */
+	public static boolean isClassSpecificScoreboard ()
+	{
+		return classSpecificScoreboard;
+	}
+	
 	/**
 	 * Sets scoreboard to list all players regardless of class
 	 */
diff --git a/SecurityShepherdCore/src/utils/Validate.java b/SecurityShepherdCore/src/utils/Validate.java
index 7c52e092c..a41012efa 100644
--- a/SecurityShepherdCore/src/utils/Validate.java
+++ b/SecurityShepherdCore/src/utils/Validate.java
@@ -385,13 +385,20 @@ public static String validateParameter (Object input, int maxLength)
 		String result = new String();
 		try
 		{
-			result = (String) input;
-			if(result.length() > maxLength)
+			if(input == null)
 			{
-				log.debug("Parameter Too Long: " + result.length() + " characters");
-				log.debug("Parmaeter Was: " + result);
 				result = new String();
 			}
+			else
+			{
+				result = (String) input;
+				if(result.length() > maxLength)
+				{
+					log.debug("Parameter Too Long: " + result.length() + " characters");
+					log.debug("Parmaeter Was: " + result);
+					result = new String();
+				}
+			}
 		}
 		catch(Exception e)
 		{
diff --git a/SecurityShepherdCore/test/dbProcs/GetterTest.java b/SecurityShepherdCore/test/dbProcs/GetterTest.java
new file mode 100644
index 000000000..465a25cf6
--- /dev/null
+++ b/SecurityShepherdCore/test/dbProcs/GetterTest.java
@@ -0,0 +1,3070 @@
+package dbProcs;
+
+import static org.junit.Assert.*;
+
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.Locale;
+import java.util.ResourceBundle;
+
+import org.apache.log4j.Logger;
+import org.json.simple.JSONArray;
+import org.json.simple.JSONObject;
+import org.json.simple.JSONValue;
+import org.junit.Before;
+import org.junit.Test;
+
+import utils.ScoreboardStatus;
+
+/**
+ * Class is targeted to test all of the methods found in the src/dbprocs/Getter.java class, but does include some coverage of other classes, such as Setter.java and Database.java
+ * @author mark
+ *
+ */
+public class GetterTest 
+{
+	private static org.apache.log4j.Logger log = Logger.getLogger(GetterTest.class);
+	private static String propertiesFileDirectory = new String("/site");
+	private static String lang = new String("en_GB");
+	private static Locale locale = new Locale(lang);
+	private static String applicationRoot = new String();
+	private static final int totalNumberOfModulesInShepherd = 58;
+	
+	/**
+	 * Searches for class based on class name. If nothing is found, the class is created and the new class Id is returned
+	 * @param className Name of the class you wish to search / create
+	 * @return The Identifier of the class owning the name submitted
+	 * @throws Exception If the class cannot be created or found
+	 */
+	public static String findCreateClassId(String className) throws Exception
+	{
+		String classId = new String();
+		ResultSet rs = Getter.getClassInfo(applicationRoot);
+		while(rs.next())
+		{
+			if(rs.getString(2).compareTo(className) == 0)
+			{
+				classId = rs.getString(1);
+				break;
+			}
+		}
+		rs.close();
+		if(classId.isEmpty())
+		{
+			log.debug("Could not find class. Creating it");
+			if(Setter.classCreate(applicationRoot, className, "2015"))
+			{
+				log.debug("Class Created. Getting ID");
+				classId = findCreateClassId(className);
+			}
+			else
+			{
+				throw new Exception("Could not Create Class " + className);
+			}
+		}
+		return classId;
+	}
+	
+	/**
+	 * Searches for class based on class name. If nothing is found, the class is created and the new class Id is returned
+	 * @param className Name of the class you wish to search / create
+	 * @return The Identifier of the class owning the name submitted
+	 * @throws Exception If the class cannot be created or found
+	 */
+	public static String findCreateClassId(String className, String applicationRoot) throws Exception
+	{
+		String classId = new String();
+		ResultSet rs = Getter.getClassInfo(applicationRoot);
+		while(rs.next())
+		{
+			if(rs.getString(2).compareTo(className) == 0)
+			{
+				classId = rs.getString(1);
+				break;
+			}
+		}
+		rs.close();
+		if(classId.isEmpty())
+		{
+			log.debug("Could not find class. Creating it");
+			if(Setter.classCreate(applicationRoot, className, "2015"))
+			{
+				log.debug("Class Created. Getting ID");
+				classId = findCreateClassId(className, applicationRoot);
+			}
+			else
+			{
+				throw new Exception("Could not Create Class " + className);
+			}
+		}
+		return classId;
+	}
+	
+	/**
+	 * This method will sign in as an admin, or create the admin and sign in as them. If this fails it will throw an Exception.
+	 * This function will pass if correct user credentials are passed as well
+	 * @param applicationRoot Context of running application
+	 * @param userName The user name of the admin you want to create or sign in as
+	 * @param password The password of the admin you want to create or sign in as
+	 * @return Boolean value depicting if the user exists and can be authenticated
+	 * @throws Exception If admin Create function fails, an exception will be passed up
+	 */
+	private static boolean verifyTestAdmin(String applicationRoot, String userName, String password) throws Exception
+	{
+		boolean result = false;
+		try
+		{
+			String user[] = Getter.authUser(applicationRoot, userName, userName);
+			if(user == null || user[0].isEmpty())
+			{
+				log.debug("Test Failed. User not found in DB. Adding user to DB and Retesting before reporting failure");
+				Setter.userCreate(applicationRoot, null, userName, userName, "admin", userName+"@test.com", false);
+				user = Getter.authUser(applicationRoot, userName, userName);
+			}
+			if(user != null && !user[0].isEmpty())
+			{
+				log.debug(userName + " could authenticate. returning true");
+				result = true;
+			}
+			else
+			{
+				log.error("Couldnt verify that " + userName + " could authenticate at all. Throwing Exception");
+				throw new Exception("Could not Verify User " + userName + " could authenticate at all.");
+			}
+		}
+		catch(Exception e)
+		{
+			throw new Exception("Could not Create User " + userName + ": " + e.toString());
+		}
+		return result;
+	}
+	
+	/**
+	 * This method will sign in as a User, or create the user and sign in as them. If this fails it will throw an Exception
+	 * @param applicationRoot Context of running application
+	 * @param userName The user name of the user you want to create or sign in as
+	 * @param password The password of the user you want to create or sign in as
+	 * @return Boolean value depicting if the user exists and can be authenticated
+	 * @throws Exception If User Create function fails, an exception will be passed up
+	 */
+	public static boolean verifyTestUser(String applicationRoot, String userName, String password) throws Exception
+	{
+		boolean result = false;
+		try
+		{
+			String user[] = Getter.authUser(applicationRoot, userName, userName);
+			if(user == null || user[0].isEmpty())
+			{
+				log.debug("Test Failed. User not found in DB. Adding user to DB and Retesting before reporting failure");
+				Setter.userCreate(applicationRoot, null, userName, userName, "player", userName+"@test.com", false);
+				user = Getter.authUser(applicationRoot, userName, userName);
+			}
+			if(user != null && !user[0].isEmpty())
+			{
+				log.debug(userName + " could authenticate. returning true");
+				result = true;
+			}
+			else
+			{
+				log.error("Couldnt verify that " + userName + " could authenticate at all. Throwing Exception");
+				throw new Exception("Could not Verify User " + userName + " could authenticate at all.");
+			}
+		}
+		catch(Exception e)
+		{
+			throw new Exception("Could not Create User " + userName + ": " + e.toString());
+		}
+		return result;
+	}
+	
+	/**
+	 * This method will sign in as a User, or create the user and sign in as them. If this fails it will throw an Exception. 
+	 * They will be added to the submitted class
+	 * @param applicationRoot Context of running application
+	 * @param userName The user name of the user you want to create or sign in as
+	 * @param password The password of the user you want to create or sign in as
+	 * @param theClass The identifier of the class
+	 * @return Boolean value depicting if the user exists and can be authenticated
+	 * @throws Exception If User Create function fails, an exception will be passed up
+	 */
+	public static boolean verifyTestUser(String applicationRoot, String userName, String password, String theClass) throws Exception
+	{
+		boolean result = false;
+		try
+		{
+			String className = new String();
+			className = Getter.getClassInfo(applicationRoot, theClass)[0];
+			if(className.isEmpty())
+			{
+				log.error("Class does not exist.");
+				throw new Exception("Canot not verify test user with Invalid Class");
+			}
+			else
+			{
+				String user[] = Getter.authUser(applicationRoot, userName, userName);
+				if(user == null || user[0].isEmpty())
+				{
+					log.debug("Test Failed. User not found in DB. Adding user to DB and Retesting before reporting failure");
+					Setter.userCreate(applicationRoot, theClass, userName, userName, "player", userName+"@test.com", false);
+					user = Getter.authUser(applicationRoot, userName, userName);
+				}
+				if(user != null && !user[0].isEmpty())
+				{
+					log.debug(userName + " could authenticate. checking class");
+					if((user[4] == null || user[4].isEmpty()) && !theClass.isEmpty())
+					{
+						log.debug("Need to update user's class");
+						Setter.updatePlayerClass(applicationRoot, theClass, user[0]);
+					} 
+					else if(!user[4].equalsIgnoreCase(theClass))
+					{
+						log.debug("Need to update user's class");
+						Setter.updatePlayerClass(applicationRoot, theClass, user[0]);
+					}
+					else
+						log.debug("User in class submitted already");
+					result = true;
+				}
+				else
+				{
+					log.error("Couldnt verify that " + userName + " could authenticate at all. Throwing Exception");
+					throw new Exception("Could not Verify User " + userName + " could authenticate at all.");
+				}
+			}
+		}
+		catch(Exception e)
+		{
+			throw new Exception("Could not Create User " + userName + ": " + e.toString());
+		}
+		return result;
+	}
+	
+	@Before
+	public void setUp()
+	{
+		applicationRoot = System.getProperty("user.dir") + propertiesFileDirectory;
+	}
+	
+	@Test
+	public void testAuthUserCorrectCredentials() 
+	{
+		String userName = new String("authWithGoodCreds");
+		try
+		{
+			String user[] = Getter.authUser(applicationRoot, userName, userName);
+			if(user == null || user[0].isEmpty())
+			{
+				log.debug("Test Failed. User not found in DB. Adding user to DB and Retesting before reporting failure");
+				Setter.userCreate(applicationRoot, null, userName, userName, "player", userName+"@test.com", false);
+				user = Getter.authUser(applicationRoot, userName, userName);
+			}
+			if(user != null && !user[0].isEmpty())
+			{
+				log.debug("PASS: Successfully signed in as " + userName);
+				return;
+			}
+			else
+			{
+				fail("Could not Authenticate as " + userName);
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Create user: " + e.toString());
+			fail("Could not create user " + userName);
+		}
+	}
+	
+	@Test
+	public void testAuthUserIncorrectCredentials() 
+	{
+		String userName = new String("authWithBadCreds");
+		try
+		{
+			String user[] = Getter.authUser(applicationRoot, userName, userName);
+			if(user == null || user[0].isEmpty())
+			{
+				log.debug("Test Failed. User not found in DB. Adding user to DB and Retesting before reporting failure");
+				Setter.userCreate(applicationRoot, null, userName, userName, "player", userName+"@test.com", false);
+				user = Getter.authUser(applicationRoot, userName, userName);
+			}
+			if(user != null && !user[0].isEmpty())
+			{
+				log.debug("User " + userName + " exists. Checking if Auth Works with bad pass");
+				if(Getter.authUser(applicationRoot, userName, userName+"wrongPassword") == null)
+				{
+					log.debug("PASS: Could not authenticate with bad pass for user " + userName);
+					return;
+				}
+				else
+				{
+					fail("Could Authenticate With Bad Pass for User " + userName);
+				}
+			}
+			else
+			{
+				fail("Couldnt verify " + userName + " could authenticate at all");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Create user: " + e.toString());
+			fail("Could not create user " + userName);
+		}
+	}
+	
+	@Test
+	public void testAuthUserSqlInjection() 
+	{
+		String userName = new String("authWithSqliCreds");
+		try
+		{
+			String user[] = Getter.authUser(applicationRoot, userName, userName);
+			if(user == null || user[0].isEmpty())
+			{
+				log.debug("Test Failed. User not found in DB. Adding user to DB and Retesting before reporting failure");
+				Setter.userCreate(applicationRoot, null, userName, userName, "player", userName+"@test.com", false);
+				user = Getter.authUser(applicationRoot, userName, userName);
+			}
+			if(user != null && !user[0].isEmpty())
+			{
+				log.debug("User " + userName + " exists. Checking if Auth Works with bad pass");
+				if(Getter.authUser(applicationRoot, userName, "'or'='1'='1") == null)
+				{
+					log.debug("PASS: Could not authenticate with SQL Injection for user " + userName);
+					return;
+				}
+				else
+				{
+					fail("Could Authenticate With SQL Injection for User " + userName);
+				}
+			}
+			else
+			{
+				fail("Couldnt verify " + userName + " could authenticate at all");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Create user: " + e.toString());
+			fail("Could not create user " + userName);
+		}
+	}
+	
+	@Test
+	public void testAuthUserSqlInjectionUserName() 
+	{
+		String userName = new String("authWithSqli+BadPassCreds");
+		try
+		{
+			String user[] = Getter.authUser(applicationRoot, userName, userName);
+			if(user == null || user[0].isEmpty())
+			{
+				log.debug("Test Failed. User not found in DB. Adding user to DB and Retesting before reporting failure");
+				Setter.userCreate(applicationRoot, null, userName, userName, "player", userName+"@test.com", false);
+				user = Getter.authUser(applicationRoot, userName, userName);
+			}
+			if(user != null && !user[0].isEmpty())
+			{
+				log.debug("User " + userName + " exists. Checking if Auth Works with bad pass");
+				if(Getter.authUser(applicationRoot, "'or'='1'='1' -- ", "wrongPassword") == null)
+				{
+					log.debug("PASS: Could not authenticate with SQL Injection for user " + userName);
+					return;
+				}
+				else
+				{
+					fail("Could Authenticate With SQL Injection for User Name");
+				}
+			}
+			else
+			{
+				fail("Couldnt verify " + userName + " could authenticate at all");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Create user: " + e.toString());
+			fail("Could not create user " + userName);
+		}
+	}
+	
+	@Test
+	public void testCheckPlayerResultWhenModuleComplete() 
+	{
+		String userName = new String("userResultWhenComplete");
+		String dataStorageLessonId = new String("53a53a66cb3bf3e4c665c442425ca90e29536edd");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the Module Can Be Opened
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, dataStorageLessonId, userId).isEmpty())
+					{
+						//Then, Mark the Challenge Complete for user (Insecure Data Storage Lesson)
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, dataStorageLessonId, userId, "Feedback is Disabled", 1, 1, 1);
+						if (markLevelCompleteTest != null)
+						{
+							String checkPlayerResultTest = Getter.checkPlayerResult(applicationRoot, dataStorageLessonId, userId);
+							log.debug("checkPlayerResultTest" + checkPlayerResultTest);
+							if(checkPlayerResultTest == null)
+								return; //Pass
+							else
+							{
+								fail("Function says user has not completed module"); //Even though this test just marked it as Completed
+							}
+						}
+						else
+							fail("Could not mark data storage lesson as complete for user");
+					}
+					else
+						fail("Could not Mark Data Storage Lesson as Opened by Default admin");
+				}
+				else
+					fail("Could not Open All Modules");
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+
+	@Test
+	public void testCheckPlayerResultWhenModuleNotComplete() 
+	{
+		String userName = new String("userHasModulesOpened");
+		String contentProviderLeakage = new String("5b461ebe2e5e2797740cb3e9c7e3f93449a93e3a");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, contentProviderLeakage, Getter.getUserIdFromName(applicationRoot, userName)).isEmpty())
+					{
+						String checkPlayerResultTest = Getter.checkPlayerResult(applicationRoot, contentProviderLeakage, Getter.getUserIdFromName(applicationRoot, userName));
+						if(checkPlayerResultTest != null)
+							return; //Pass
+						else
+						{
+							fail("Function says user has not opened challenge or has completed challenge before");
+						}
+					}
+					else
+					{
+						fail("Could not Content Provider Leakage Lesson as Opened by user");
+					}
+				}
+				else
+				{
+					fail("Could not Mark Modules As Opened");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testCheckPlayerResultWhenModuleNotOpened() 
+	{
+		String userName = new String("noModulesOpened");
+		String unOpenedModuleId = new String("0dbea4cb5811fff0527184f99bd5034ca9286f11"); //Insecure Direct Object References Module Id
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String test = Getter.checkPlayerResult(applicationRoot, unOpenedModuleId, userName);
+				if(test != null)
+				{
+					log.fatal("result should be null but it was: " + test);
+					fail("Function says User has opened module they should not have opened by default"); // User Should not have completed this module by default after running a fresh DB. ensure you have a fresh DB if this fails
+				}
+				else
+				{
+					log.debug("PASS: Function says user has not opened module");
+					return; //Pass
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testCheckPlayerResultWhenModuleWhenOpened() 
+	{
+		String userName = new String("userHasModulesOpened");
+		String csrfChallengeThree = new String("5ca9115f3279b9b9f3308eb6a59a4fcd374846d6");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, csrfChallengeThree, Getter.getUserIdFromName(applicationRoot, userName)).isEmpty())
+					{
+						String test = Getter.checkPlayerResult(applicationRoot, csrfChallengeThree, Getter.getUserIdFromName(applicationRoot, userName));
+						if(test == null)
+						{
+							fail("Function says " + userName + " has not opened module"); // User Should have opened and not completed CSRF Three
+						}
+						else
+							return; //Pass
+					}
+					else
+						fail("Could not Mark CSRF 3 as Opened by " + userName);
+				}
+				else
+				{
+					fail("Could not Mark Modules As Opened");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testFindPlayerById() 
+	{ 
+		String userName = new String("UserForPlayerIdSearch");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				if(Getter.findPlayerById(applicationRoot, userId))
+				{
+					log.debug("PASS: Found user");
+					return;
+				}
+				else
+				{
+					fail("Could Not Find Player in Player Search");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	
+	@Test
+	public void testFindPlayerByIdWithAdminId() 
+	{ 
+		
+		String userName = new String("playerSearchWithAdmin");
+		try
+		{
+			if(verifyTestAdmin(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				if(!Getter.findPlayerById(applicationRoot, userId))
+				{
+					return;
+				}
+				else
+				{
+					fail("Found Admin in Player Search");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testFindPlayerByIdWithBadUserId() 
+	{
+		String userId = new String("DOES NOT EXIST");
+		if(!Getter.findPlayerById(applicationRoot, userId))
+		{
+			return;
+		}
+		else
+		{
+			fail("Found Player That Does Not Exist");
+		}
+	}
+	
+	@Test
+	public void testGetAllModuleInfo() 
+	{
+		ArrayList<String[]> modules = Getter.getAllModuleInfo(applicationRoot);
+		if(modules.size() > 75) //Shepherd v3.0 has 76 Modules. If less than All are Returned, then there is a problem with the Open Modules Function or the Retrieve data function
+		{
+			log.debug("PASS: Found " + modules.size() + " modules");
+			return;
+		}
+		else
+		{
+			log.fatal("Too Few Modules Returned to Pass Test: " + modules.size());
+			fail("Only " + modules.size() + "/~76 modules returned from function");
+		}
+	}
+	
+	@Test
+	public void testGetChallenges() 
+	{
+		String userName = new String("testGetChallengesUser");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the GetAllModuleInfo method will return data
+				if(Setter.openAllModules(applicationRoot))
+				{
+					String modules = Getter.getChallenges(applicationRoot, userId, locale);
+					if(!modules.isEmpty()) //Some Modules were included in response
+					{
+						//Get number of Challenges returned by getChallenges method
+						int numberofChallengesReturned = (modules.length() - modules.replace("class='lesson'", "").length()) / "class='lesson'".length();
+						if(numberofChallengesReturned > totalNumberOfModulesInShepherd)
+						{
+							log.debug("PASS: Found " + numberofChallengesReturned + " modules");
+							return;
+						}
+						else
+						{
+							log.debug("Too Few Challenges Returned to pass: " + numberofChallengesReturned + " returned");
+							fail("Too Few Challenges Returned to Pass");
+						}
+					}
+					else
+					{
+						log.fatal("No Modules Found. Returned empty String");
+						fail("No Modules Found");
+					}
+				}
+				else
+				{
+					fail("Could Not Mark Modules as Open Before Test");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetChallengesWhenModulesClosed() 
+	{
+		String userName = new String("getChallengesCLosedUser");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the GetAllModuleInfo method will return data
+				if(Setter.closeAllModules(applicationRoot))
+				{
+					String modules = Getter.getChallenges(applicationRoot, userId, locale);
+					if(!modules.isEmpty()) //Some Modules were included in response
+					{
+						//Get number of Challenges returned by getChallenges method
+						int numberofChallengesReturned = (modules.length() - modules.replace("class='lesson'", "").length()) / "class='lesson'".length();
+						if(!(numberofChallengesReturned > 0))
+						{
+							log.debug("PASS: Found " + numberofChallengesReturned + " modules");
+							return;
+						}
+						else
+						{
+							log.debug("Too Many Challenges Returned to pass: " + numberofChallengesReturned + " returned");
+							fail("Challenges Returned when all modules were closed");
+						}
+					}
+					else
+					{
+						log.fatal("No Modules Found. Returned empty String");
+						fail("No Modules Found");
+					}
+				}
+				else
+				{
+					fail("Could Not Mark Modules as Open Before Test");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+
+	
+	@Test
+	public void testGetClassCount() 
+	{
+		String className = new String("NewClassForGetCount");
+		try
+		{
+			findCreateClassId(className);
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Find or Create Class : " + e.toString());
+			fail("Could not Create/Find Class");
+		}
+		int classCount = Getter.getClassCount(applicationRoot);
+		if(classCount < 1)
+		{
+			fail("Class Count Too Low to Pass");
+		}
+		else
+		{
+			log.debug("PASS: Atleast One Class Returned");
+			return;
+		}
+	}
+	
+	
+	@Test
+	public void testGetClassInfoString() {
+		try
+		{
+			findCreateClassId("NewClassForGetInfo"); //Throws Exception if Fails
+			ResultSet rs = Getter.getClassInfo(applicationRoot);
+			if(rs.next())
+			{
+				if(!rs.getString(1).isEmpty())
+				{
+					log.debug("PASS: Class Information was returned");
+				}
+				else
+				{
+					fail("Data in Class Info Result Set was Blank");
+				}
+			}
+			else
+			{
+				fail("No Rows In Class Info Result Set");
+			}
+			rs.close();
+		}
+		catch(Exception e)
+		{
+			log.fatal("ClassInfo Failure: " + e.toString());
+			fail("Could not open ClassInfo Result Set");
+		}
+	}
+	
+	@Test
+	public void testGetClassInfoStringString() 
+	{
+		String classId = new String();
+		String className = new String("NewClassForGetInfo2");
+		try
+		{
+			findCreateClassId(className);
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Find or Create Class : " + e.toString());
+			fail("Could not Create/Find Class");
+		}
+		try
+		{
+			ResultSet rs = Getter.getClassInfo(applicationRoot);
+			while(rs.next())
+			{
+				if(rs.getString(2).equalsIgnoreCase("NewClassForGetInfo2"))
+				{
+					classId = rs.getString(1);
+					break;
+				}
+			}
+			rs.close();
+			if(classId.isEmpty())
+			{
+				fail("Could not Find Class ID in Get Info Result");
+			}
+			else
+			{
+				String[] classInfo = Getter.getClassInfo(applicationRoot, classId);
+				if(classInfo[0].equalsIgnoreCase("NewClassForGetInfo2") && classInfo[1].equalsIgnoreCase("2015"))
+				{
+					log.debug("PASS: Expected Data Returned from getClassInfo");
+				}
+				else
+				{
+					if(!classInfo[0].equalsIgnoreCase("NewClassForGetInfo2"))
+					{
+						fail("Incorrect Class Name returned from getClassInfo");
+					}
+					else if(!classInfo[1].equalsIgnoreCase("2015"))
+					{
+						fail("Incorrect Class Year returned from getClassInfo");
+					}
+					else
+					{
+						fail("Unexpected Failure");
+					}
+				}
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("ClassInfo Failure: " + e.toString());
+			fail("Could not open ClassInfo Result Set");
+		}
+	}
+	
+	@Test
+	public void testGetCsrfForumWithIframe() 
+	{
+		String classId = new String();
+		String moduleId = new String("0a37cb9296ff3763f7f3a45ff313bce47afa9384"); //CSRF Challenge 5
+		Locale locale = new Locale("en_GB");
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.csrf.csrfGenerics", locale);
+		try
+		{
+			classId = findCreateClassId("NewClassForCsrfIframeFourm");
+			String userName = new String("userforiframeclass");
+			if(verifyTestUser(applicationRoot, userName, userName, classId))
+			{
+				//Open all Modules First so that the Module Can Be Opened by the user
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, moduleId, Getter.getUserIdFromName(applicationRoot, userName)).isEmpty())
+					{
+						String csrfFourm = Getter.getCsrfForumWithIframe(applicationRoot, classId, moduleId, bundle);
+						if(csrfFourm.indexOf(userName) > -1)
+						{
+							log.debug("PASS: User was found in the fourm");
+							return;
+						}
+						else
+						{
+							log.error("Could not find user name '" + userName + "' in this: " + csrfFourm);
+							fail("User was not contained in the CSRF iFrame Forum");
+						}
+					}
+					else
+					{
+						fail("Could not open CSRF 5 as Created User");
+					}
+				}
+				else
+				{
+					fail("Could not Mark All Modules as Open");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("User/Class Error: " + e.toString());
+			fail("Could not Create User or Class");
+		}
+		log.debug("End of CSRF Iframe Forum Test");
+	}
+	
+	
+	@Test
+	public void testGetCsrfForumWithImg() 
+	{
+		String classId = new String();
+		String moduleId = new String("0a37cb9296ff3763f7f3a45ff313bce47afa9384"); //CSRF Challenge 5
+		ResourceBundle bundle = ResourceBundle.getBundle("i18n.servlets.challenges.csrf.csrfGenerics", locale);
+		String className = new String("NewClassForGetInfo");
+		try
+		{
+			classId = findCreateClassId(className);
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Find or Create Class : " + e.toString());
+		}
+		if(classId.isEmpty())
+		{
+			fail("Could not get ClassId");
+		}
+		else 
+		{
+			String userName = new String("userforimgclass");
+			try
+			{
+				if(verifyTestUser(applicationRoot, userName, userName, classId))
+				{
+					//Open all Modules First so that the Module Can Be Opened by the user
+					if(Setter.openAllModules(applicationRoot))
+					{
+						//Simulate user Opening Level
+						if(!Getter.getModuleAddress(applicationRoot, moduleId, Getter.getUserIdFromName(applicationRoot, userName)).isEmpty())
+						{
+							String csrfFourm = Getter.getCsrfForumWithImg(applicationRoot, classId, moduleId, bundle);
+							if(csrfFourm.indexOf(userName) > -1)
+							{
+								log.debug("PASS: User was found in the fourm");
+								return;
+							}
+							else
+							{
+								log.error("Could not find user name '" + userName + "' in this: " + csrfFourm);
+								fail("User was not contained in the CSRF Img Forum");
+							}
+						}
+						else
+						{
+							fail("Could not open CSRF 5 as Created User");
+						}
+					}
+					else
+					{
+						fail("Could not Mark All Modules as Open");
+					}
+				}
+				else
+				{
+					fail("Could not verify user (No Exception Failure)");
+				}
+			}
+			catch(Exception e)
+			{
+				log.fatal("Could not Verify User: " + e.toString());
+				fail("Could not Verify User " + userName);
+			}
+		}
+	}
+	
+	@Test
+	public void testGetFeedback() 
+	{
+		String userName = new String("userGetFeedback");
+		String dataStorageLessonId = new String("53a53a66cb3bf3e4c665c442425ca90e29536edd");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the Module Can Be Opened
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, dataStorageLessonId, userId).isEmpty())
+					{
+						//Then, Mark the Challenge Complete for user (Insecure Data Storage Lesson)
+						String feedbackSearchCode = "RwarUNiqueFeedbackCodeToSEARCHFor1182371723";
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, dataStorageLessonId, userId, feedbackSearchCode, 1, 1, 1);
+						if (markLevelCompleteTest != null)
+						{
+							String checkPlayerResultTest = Getter.checkPlayerResult(applicationRoot, dataStorageLessonId, userId);
+							log.debug("checkPlayerResultTest" + checkPlayerResultTest);
+							if(checkPlayerResultTest == null)
+							{
+								log.debug("Checking to see if the feedback is included in the getFeeback response for the module");
+								String feedback = Getter.getFeedback(applicationRoot, dataStorageLessonId);
+								if(feedback.indexOf(feedbackSearchCode) > -1)
+								{
+									log.debug("PASS: Detected the user's feedback");
+									return;
+								}
+								else
+								{
+									log.fatal("User's Feedback '" + feedbackSearchCode + "' was not found in: " + feedback);
+									fail("Could not find user's feedback");
+								}
+							}
+							else
+							{
+								fail("Function says user has not completed module"); //Even though this test just marked it as Completed
+							}
+						}
+						else
+							fail("Could not mark data storage lesson as complete for user");
+					}
+					else
+						fail("Could not Mark Data Storage Lesson as Opened by Default admin");
+				}
+				else
+					fail("Could not Open All Modules");
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+
+	@Test
+	public void testGetIncrementalModulesWithModulesClosed() 
+	{
+		String userName = new String("testIncModuleMenu2");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Close all Modules First
+				if(Setter.closeAllModules(applicationRoot))
+				{
+					String incrementalModules = Getter.getIncrementalModules(applicationRoot, userId, lang, "testingCSRFtoken");
+					if(incrementalModules.indexOf("You've Finished!") > -1) //IF no modules are open, this is the expected leading string
+					{
+						log.debug("PASS: Menu appears to have compiled correctly");
+					}
+					else
+					{
+						log.debug("incrementalModules returned: " + incrementalModules);
+						fail("Could not Detect Finished Message");
+					}
+				}
+				else
+				{
+					fail("Could not Close All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	 
+	@Test
+	public void testGetIncrementalModulesWithNoneComplete() 
+	{
+		String userName = new String("testIncModuleMenu1");
+		String lowestRankModuleId = "0dbea4cb5811fff0527184f99bd5034ca9286f11"; //This should be changed if an easier module is made
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					String incrementalModules = Getter.getIncrementalModules(applicationRoot, userId, lang, "testingCSRFtoken");
+					if(incrementalModules.indexOf("Completed") == -1) //User should not have completed any modules. The Completed Button should not be present
+					{
+						if(incrementalModules.indexOf(lowestRankModuleId) > -1) //The only module Id to be returned should be this one as it is the first presented (Lowest Incremental Rank)
+						{
+							if(incrementalModules.indexOf("Get Next Challenge") > -1) //This is the English string that should be included with the lang submitted in this unit test
+							{
+								log.debug("PASS: Incremental Menu Appears to have Rendered correctly with the Preconditions of this test");
+								return;
+							}
+							else
+							{
+								fail("Could not Detect i18n English Values in Menu");
+							}
+						}
+						else
+						{
+							fail("The Module Id Returned was not the Known First Level. Ie not: " + lowestRankModuleId);
+						}
+					}
+					else
+					{
+						fail("CTF Menu Appears as if User Has Completed Modules When They Have Not");
+					}
+					//Wont Log unless unit doesnt pass
+					log.debug(incrementalModules);
+				}
+				else
+				{
+					fail("Could not open All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetIncrementalModulesWithOneModuleComplete() 
+	{
+		String userName = new String("testIncModuleMenu3");
+		String lowestRankModuleId = "0dbea4cb5811fff0527184f99bd5034ca9286f11"; //This should be changed if an easier module is made
+		String secondLowestRankModuleId = "b9d82aa7b46ddaddb6acfe470452a8362136a31e"; //This should be changed if an easier module is made or is orded before this
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, lowestRankModuleId, userId).isEmpty())
+					{
+						//Then, Mark the Challenge Complete for user (Insecure Data Storage Lesson)
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, lowestRankModuleId, userId, "Feedback is Not Enabled", 1, 1, 1);
+						if (markLevelCompleteTest != null)
+						{
+							String checkPlayerResultTest = Getter.checkPlayerResult(applicationRoot, lowestRankModuleId, userId);
+							log.debug("checkPlayerResultTest" + checkPlayerResultTest);
+							if(checkPlayerResultTest == null)
+							{
+								String incrementalModules = Getter.getIncrementalModules(applicationRoot, userId, lang, "testingCSRFtoken");
+								if(incrementalModules.indexOf("Completed") > -1) //User should  have completed one module. The Completed Button should be present
+								{
+									if(incrementalModules.indexOf(lowestRankModuleId) > -1) //The only completed module Id to be returned should be this one
+									{
+										if(incrementalModules.indexOf(secondLowestRankModuleId) > -1)
+										{
+											if(incrementalModules.indexOf("Get Next Challenge") > -1) //This is the English string that should be included with the lang submitted in this unit test
+											{
+												log.debug("PASS: Incremental Menu Appears to have Rendered correctly with the Preconditions of this test");
+												return;
+											}
+											else
+											{
+												fail("Could not Detect i18n English Values in Menu");
+											}
+										}
+										else
+										{
+											fail("The Module Id Returned to be Completed Next was not the Known 2nd Level. Ie not: " + secondLowestRankModuleId);
+										}
+									}
+									else
+									{
+										fail("The Module Id Returned was not the Known First Level. Ie not: " + lowestRankModuleId);
+									}
+								}
+								else
+								{
+									fail("CTF Menu Appears as if User Has Completed Modules When They Have Not");
+								}
+								//Wont Log unless unit doesnt pass
+								log.debug(incrementalModules);
+							}
+							else
+							{
+								fail("checkPlayerResultTest says user has not completed module"); //Even though this test just marked it as Completed
+							}
+						}
+						else
+							fail("Could not mark data storage lesson as complete for user");
+					}
+					else
+						fail("Could not Lowest Rank Lesson as Opened by User");
+				}
+				else
+				{
+					fail("Could not open All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetIncrementalModulesWithoutScriptWithModulesClosed() 
+	{
+		String userName = new String("testIncModuleMenuScript2");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Close all Modules First
+				if(Setter.closeAllModules(applicationRoot))
+				{
+					String incrementalModules = Getter.getIncrementalModulesWithoutScript(applicationRoot, userId, lang, "testingCSRFtoken");
+					if(incrementalModules.indexOf("You've Finished!") > -1) //IF no modules are open, this is the expected leading string
+					{
+						if(!incrementalModules.endsWith(";</script>"))
+						{
+							log.debug("PASS: Incremental Menu Appears to have Rendered correctly with the Preconditions of this test without ending in the button script");
+							return;
+						}
+						else
+						{
+							log.debug("incrementalModules returned: " + incrementalModules);
+							fail("Function Ended in Unexpected Script");
+						}
+					}
+					else
+					{
+						log.debug("incrementalModules returned: " + incrementalModules);
+						fail("Could not Detect Finished Message");
+					}
+				}
+				else
+				{
+					fail("Could not Close All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetIncrementalModulesWithoutScriptWithNoneComplete() 
+	{
+		String userName = new String("testIncModuleMenuScript1");
+		String lowestRankModuleId = "0dbea4cb5811fff0527184f99bd5034ca9286f11"; //This should be changed if an easier module is made
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					String incrementalModules = Getter.getIncrementalModulesWithoutScript(applicationRoot, userId, lang, "testingCSRFtoken");
+					if(incrementalModules.indexOf("Completed") == -1) //User should not have completed any modules. The Completed Button should not be present
+					{
+						if(incrementalModules.indexOf(lowestRankModuleId) > -1) //The only module Id to be returned should be this one as it is the first presented (Lowest Incremental Rank)
+						{
+							if(incrementalModules.indexOf("Get Next Challenge") > -1) //This is the English string that should be included with the lang submitted in this unit test
+							{
+								if(!incrementalModules.endsWith(";</script>"))
+								{
+									log.debug("PASS: Incremental Menu Appears to have Rendered correctly with the Preconditions of this test without ending in the button script");
+									return;
+								}
+								else
+								{
+									log.debug("incrementalModules returned: " + incrementalModules);
+									fail("Function Ended in Unexpected Script");
+								}
+							}
+							else
+							{
+								log.debug("incrementalModules returned: " + incrementalModules);
+								fail("Could not Detect i18n English Values in Menu");
+							}
+						}
+						else
+						{
+							log.debug("incrementalModules returned: " + incrementalModules);
+							fail("The Module Id Returned was not the Known First Level. Ie not: " + lowestRankModuleId);
+						}
+					}
+					else
+					{
+						log.debug("incrementalModules returned: " + incrementalModules);
+						fail("CTF Menu Appears as if User Has Completed Modules When They Have Not");
+					}
+				}
+				else
+				{
+					fail("Could not open All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetIncrementalModulesWithoutScriptWithOneModuleComplete() 
+	{
+		String userName = new String("testIncModuleMenuScript3");
+		String lowestRankModuleId = "0dbea4cb5811fff0527184f99bd5034ca9286f11"; //This should be changed if an easier module is made
+		String secondLowestRankModuleId = "b9d82aa7b46ddaddb6acfe470452a8362136a31e"; //This should be changed if an easier module is made or is orded before this
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, lowestRankModuleId, userId).isEmpty())
+					{
+						//Then, Mark the Challenge Complete for user (Insecure Data Storage Lesson)
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, lowestRankModuleId, userId, "Feedback is Not Enabled", 1, 1, 1);
+						if (markLevelCompleteTest != null)
+						{
+							String checkPlayerResultTest = Getter.checkPlayerResult(applicationRoot, lowestRankModuleId, userId);
+							log.debug("checkPlayerResultTest" + checkPlayerResultTest);
+							if(checkPlayerResultTest == null)
+							{
+								String incrementalModules = Getter.getIncrementalModulesWithoutScript(applicationRoot, userId, lang, "testingCSRFtoken");
+								if(incrementalModules.indexOf("Completed") > -1) //User should  have completed one module. The Completed Button should be present
+								{
+									if(incrementalModules.indexOf(lowestRankModuleId) > -1) //The only completed module Id to be returned should be this one
+									{
+										if(incrementalModules.indexOf(secondLowestRankModuleId) > -1)
+										{
+											if(incrementalModules.indexOf("Get Next Challenge") > -1) //This is the English string that should be included with the lang submitted in this unit test
+											{
+												if(!incrementalModules.endsWith(";</script>"))
+												{
+													log.debug("PASS: Incremental Menu Appears to have Rendered correctly with the Preconditions of this test without ending in the button script");
+													return;
+												}
+												else
+												{
+													log.debug("incrementalModules returned: " + incrementalModules);
+													fail("Function Ended in Unexpected Script");
+												}
+											}
+											else
+											{
+												log.debug("incrementalModules returned: " + incrementalModules);
+												fail("Could not Detect i18n English Values in Menu");
+											}
+										}
+										else
+										{
+											log.debug("incrementalModules returned: " + incrementalModules);
+											fail("The Module Id Returned to be Completed Next was not the Known 2nd Level. Ie not: " + secondLowestRankModuleId);
+										}
+									}
+									else
+									{
+										log.debug("incrementalModules returned: " + incrementalModules);
+										fail("The Module Id Returned was not the Known First Level. Ie not: " + lowestRankModuleId);
+									}
+								}
+								else
+								{
+									log.debug("incrementalModules returned: " + incrementalModules);
+									fail("CTF Menu Appears as if User Has Completed Modules When They Have Not");
+								}
+							}
+							else
+							{
+								fail("checkPlayerResultTest says user has not completed module"); //Even though this test just marked it as Completed
+							}
+						}
+						else
+							fail("Could not mark data storage lesson as complete for user");
+					}
+					else
+						fail("Could not Lowest Rank Lesson as Opened by User");
+				}
+				else
+				{
+					fail("Could not open All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	/**
+	 * Tests to ensure that user can only see their data in the scoreboard, and cannot see the data from users in other classes in the scoreboard
+	 */
+	@Test
+	public void testGetJsonScoreClassSpecific() 
+	{
+		String userName = new String("scoreUserClassSpecific");
+		String className = new String("ScoreClassSpec");
+		String otherUserName = new String("scoreUserClassSpecific2");
+		String otherClassName = new String("ScoreClassSpec2");
+		String classId = new String();
+		String classId2 = new String();
+		String insecureDirectObjectRefLesson = "0dbea4cb5811fff0527184f99bd5034ca9286f11"; //Direct Object Reference Module
+		try
+		{
+			try
+			{
+				classId = findCreateClassId(className);
+				classId2 = findCreateClassId(otherClassName);
+			}
+			catch(Exception e)
+			{
+				log.fatal("Could not Find or Create Class : " + e.toString());
+				fail("Could not Create or Find Classes");
+			}
+			if(verifyTestUser(applicationRoot, userName, userName, classId) && verifyTestUser(applicationRoot, otherUserName, otherUserName, classId2))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String otherUserId = Getter.getUserIdFromName(applicationRoot, otherUserName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, userId, "Feedback is Disabled", 1, 1, 1);
+					if(markLevelCompleteTest != null)
+						markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, otherUserId, "Feedback is Disabled", 1, 1, 1);
+					else 
+						fail("Could Not Mark Level as complete by User 1");
+					if (markLevelCompleteTest != null)
+					{
+						boolean pass = false;
+						//Configure Score board for class Specific
+						ScoreboardStatus.setScoreboardClassSpecific();
+						//Get Score board Data
+						String scoreboardData = Getter.getJsonScore(applicationRoot, classId);
+						//Take the JSON String and make it Java JSON friendly
+						JSONArray scoreboardJson = (JSONArray)JSONValue.parse(scoreboardData);
+						//Loop through array to find Our user
+						for(int i = 0; i < scoreboardJson.size(); i++)
+						{
+							JSONObject scoreRowJson = (JSONObject)scoreboardJson.get(i);
+							if(scoreRowJson.get("username").toString().compareTo(userName) == 0)
+							{
+								pass = true;
+								log.debug("Found " + userName + " in scoreboard");
+							}
+							if(scoreRowJson.get("username").toString().compareTo(otherUserName) == 0)
+							{
+								log.fatal("Found Class User that shouldn't be included in the output");
+								log.debug("Found " + otherUserName + " in: " + scoreboardData);
+								fail("Found Class User that shouldn't be included in the Scoreboard Data");
+							}
+						}
+						if(!pass)
+						{
+							log.error("Could not find " + userName + " in JSON Data: " + scoreboardData);
+							fail("Could not find user in scoreboard");
+						}
+						else
+						{
+							return; //PASS
+						}
+					}
+					else
+					{
+						fail("Failed to Mark Direct Object Level as Complete for 2nd User");
+					}
+				}
+				else
+				{
+					fail("Could not open All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify users (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify Users: " + e.toString());
+			fail("Could not Verify Users " + userName);
+		}
+	}
+	
+	/**
+	 * Test to ensure users that have not scored any points, or are on negative points are not shown in the scoreboard
+	 */
+	@Test
+	public void testGetJsonScoreTotalNoneOrNegPoints() 
+	{
+		String userName = new String("userZero");
+		String className = new String("LowScoreTeam");
+		String otherUserName = new String("userMinusFive");
+		String classId = new String();
+		try
+		{
+			try
+			{
+				classId = findCreateClassId(className);
+				log.debug("Class Found");
+			}
+			catch(Exception e)
+			{
+				log.fatal("Could not Find or Create Class : " + e.toString());
+				fail("Could not Create or Find Class");
+			}
+			if(verifyTestUser(applicationRoot, userName, userName, classId) && verifyTestUser(applicationRoot, otherUserName, otherUserName, classId))
+			{
+				log.debug("User's Verified");
+				String otherUserId = Getter.getUserIdFromName(applicationRoot, otherUserName);
+				log.debug("UserId retrieved");
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					log.debug("Opened All Modules");
+					//Not Touching User Zero, But dropping five points from other user
+					if (Setter.updateUserPoints(applicationRoot, otherUserId, -5))
+					{
+						log.debug("Updated Points of user Minus 5");
+						//Configure Score board for total open
+						ScoreboardStatus.setScoreboeardOpen();
+						log.debug("Scoreboard Set to Open");
+						//Get Score board Data
+						String scoreboardData = Getter.getJsonScore(applicationRoot, classId);
+						if(scoreboardData.isEmpty())
+						{
+							log.debug("PASS: The Scoreboard response was empty. Therefore the users are not valid to be returned");
+							return; //PASS
+						}
+						log.debug("Got Scoreboard Data");
+						//Take the JSON String and make it Java JSON friendly
+						JSONArray scoreboardJson = (JSONArray)JSONValue.parse(scoreboardData);
+						log.debug("Parsed Scoreboard Data");
+						if(scoreboardJson == null)
+							log.debug("scoreboardJson is Null. json was: " + scoreboardData);
+						//Loop through array to find Our user
+						for(int i = 0; i < scoreboardJson.size(); i++)
+						{
+							log.debug("Looping through Array " + i);
+							JSONObject scoreRowJson = (JSONObject)scoreboardJson.get(i);
+							if(scoreRowJson.get("username").toString().compareTo(userName) == 0)
+							{
+								fail("Found " + userName + " in scoreboard"); 
+							}
+							if(scoreRowJson.get("username").toString().compareTo(otherUserName) == 0)
+							{
+								fail("Found " + otherUserName + " in scoreboard"); 
+							}
+						}
+						log.debug("PASS: Did not ether user's in the response, therefore they were not included");
+						return; //PASS
+					}
+					else
+					{
+						fail("Failed to Subtract points from " + otherUserName);
+					}
+				}
+				else
+				{
+					fail("Could not open All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify users (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify Users: " + e.toString());
+			fail("Could not Verify Users " + userName);
+		}
+	}
+	
+	/**
+	 * Test to see if Score board returns score for entire user base regardless of class
+	 */
+	@Test
+	public void testGetJsonScoreTotalOpen() 
+	{
+		String userName = new String("scoreUserTotalScore");
+		String className = new String("ScoreTotalScore");
+		String otherUserName = new String("scoreUserTotalScoreb2");
+		String otherClassName = new String("ScoreTotalScoreb2");
+		String classId = new String();
+		String classId2 = new String();
+		String insecureDirectObjectRefLesson = "0dbea4cb5811fff0527184f99bd5034ca9286f11"; //Direct Object Reference Module
+		try
+		{
+			try
+			{
+				classId = findCreateClassId(className);
+				classId2 = findCreateClassId(otherClassName);
+			}
+			catch(Exception e)
+			{
+				log.fatal("Could not Find or Create Class : " + e.toString());
+				fail("Could not Create or Find Classes");
+			}
+			if(verifyTestUser(applicationRoot, userName, userName, classId) && verifyTestUser(applicationRoot, otherUserName, otherUserName, classId2))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String otherUserId = Getter.getUserIdFromName(applicationRoot, otherUserName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, userId, "Feedback is Disabled", 1, 1, 1);
+					if(markLevelCompleteTest != null)
+						markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, otherUserId, "Feedback is Disabled", 1, 1, 1);
+					else 
+						fail("Could Not Mark Level as complete by User 1");
+					if (markLevelCompleteTest != null)
+					{
+						boolean pass = false;
+						boolean user2 = false;
+						//Configure Score board for class Specific
+						ScoreboardStatus.setScoreboeardOpen();
+						//Get Score board Data
+						String scoreboardData = Getter.getJsonScore(applicationRoot, classId);
+						//Take the JSON String and make it Java JSON friendly
+						JSONArray scoreboardJson = (JSONArray)JSONValue.parse(scoreboardData);
+						//Loop through array to find Our user
+						for(int i = 0; i < scoreboardJson.size(); i++)
+						{
+							JSONObject scoreRowJson = (JSONObject)scoreboardJson.get(i);
+							if(scoreRowJson.get("username").toString().compareTo(userName) == 0)
+							{
+								pass = true;
+								log.debug("Found " + userName + " in scoreboard");
+							}
+							if(scoreRowJson.get("username").toString().compareTo(otherUserName) == 0)
+							{
+								user2 = true;
+								log.debug("Found " + otherUserName + " in scoreboard");
+							}
+						}
+						if(!(pass && user2))
+						{
+							if(!pass)
+							{
+								log.error("Could not find " + userName + " in JSON Data: " + scoreboardData);
+								fail("Could not find user in scoreboard");
+							}
+							else
+							{
+								log.error("Could not see users from other class in total scoreboard data");
+								log.error("Could not find " + otherUserName + " in " + scoreboardData);
+								fail("Could not see users from other class in total scoreboard data");
+							}
+						}
+						else
+						{
+							return; //PASS
+						}
+					}
+					else
+					{
+						fail("Failed to Mark Direct Object Level as Complete for 2nd User");
+					}
+				}
+				else
+				{
+					fail("Could not open All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify users (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify Users: " + e.toString());
+			fail("Could not Verify Users " + userName);
+		}
+	}
+	
+	/**
+	 * Ensuring HTML is encoded from untrusted user inputs in scoreboard
+	 */
+	@Test
+	public void testGetJsonScoreTotalOpenHtmlChars() 
+	{
+		String userName = new String("<script>alert('Name');</sciprt>");
+		String className = new String("Scorl<script>alert(1)</script>");
+		String otherUserName = new String("\"onerror=\"alert('Name');//");
+		String otherClassName = new String("\"onerror=\"alert('C');//");
+		String classId = new String();
+		String classId2 = new String();
+		String insecureDirectObjectRefLesson = "0dbea4cb5811fff0527184f99bd5034ca9286f11"; //Direct Object Reference Module
+		try
+		{
+			try
+			{
+				classId = findCreateClassId(className);
+				classId2 = findCreateClassId(otherClassName);
+			}
+			catch(Exception e)
+			{
+				log.fatal("Could not Find or Create Class : " + e.toString());
+				fail("Could not Create or Find Classes");
+			}
+			if(verifyTestUser(applicationRoot, userName, userName, classId) && verifyTestUser(applicationRoot, otherUserName, otherUserName, classId2))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String otherUserId = Getter.getUserIdFromName(applicationRoot, otherUserName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, userId, "Feedback is Disabled", 1, 1, 1);
+					if(markLevelCompleteTest != null)
+						markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, otherUserId, "Feedback is Disabled", 1, 1, 1);
+					else 
+						fail("Could Not Mark Level as complete by User 1");
+					if (markLevelCompleteTest != null)
+					{
+						//Configure Score board for total open
+						ScoreboardStatus.setScoreboeardOpen();
+						//Get Score board Data
+						String scoreboardData = Getter.getJsonScore(applicationRoot, classId);
+						//Take the JSON String and make it Java JSON friendly
+						JSONArray scoreboardJson = (JSONArray)JSONValue.parse(scoreboardData);
+						//Loop through array to find Our user
+						for(int i = 0; i < scoreboardJson.size(); i++)
+						{
+							JSONObject scoreRowJson = (JSONObject)scoreboardJson.get(i);
+							if(scoreRowJson.get("username").toString().compareTo(userName) == 0) //Therefore not encoded for HTML
+							{
+								fail("Found " + userName + " in scoreboard"); 
+							}
+							if(scoreRowJson.get("username").toString().compareTo(otherUserName) == 0) //Therefore not encoded for HTML
+							{
+								fail("Found " + otherUserName + " in scoreboard"); 
+							}
+						}
+						log.debug("PASS: Did not find HTML Strings in Scoreboard Response. Therefore they are encoded");
+						return; //PASS
+					}
+					else
+					{
+						fail("Failed to Mark Direct Object Level as Complete for 2nd User");
+					}
+				}
+				else
+				{
+					fail("Could not open All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify users (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify Users: " + e.toString());
+			fail("Could not Verify Users " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetLessons() 
+	{
+		String userName = new String("getLessonsUser");
+		String inscureDirectObjectLesson = "0dbea4cb5811fff0527184f99bd5034ca9286f11";
+		String poorDataValidationLesson = "b9d82aa7b46ddaddb6acfe470452a8362136a31e";
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, inscureDirectObjectLesson, userId).isEmpty())
+					{
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, inscureDirectObjectLesson, userId, "Feedback is Disabled", 1, 1, 1);
+						if (markLevelCompleteTest != null)
+						{
+							String lessonsMenu = Getter.getLessons(applicationRoot, userId, locale);
+							if(lessonsMenu.indexOf("class='lesson'") > -1) //Menu Should include this at least once
+							{
+								if(lessonsMenu.indexOf(inscureDirectObjectLesson) > -1) //This module should be in the response
+								{
+									if(lessonsMenu.indexOf("<img src='css/images/completed.png'/><a class='lesson' id='"+inscureDirectObjectLesson) > -1) //This module should be returned as completed
+									{
+										if(lessonsMenu.indexOf("<img src='css/images/uncompleted.png'/><a class='lesson' id='"+poorDataValidationLesson) > -1)
+										{
+											if(lessonsMenu.indexOf("Insecure Direct Object References") > -1) //English string should exist in output based on the submitted locale
+											{
+												log.debug("PASS: GetLessons Menu Appears to have Rendered correctly with the Preconditions of this test");
+												return;
+											}
+											else
+											{
+												log.fatal("Could not find i18n English String in lessons Menu: " + lessonsMenu);
+												fail("Could not Detect i18n Locale Strings In Lessons Menu");
+											}
+										}
+										else
+										{
+											log.fatal("Could not detect Uncompleted Icon beside Poor Data Validation Lesson: " + lessonsMenu);
+											fail("Uncompleted Module did not have Uncopmleted Symbol");
+										}
+									}
+									else
+									{
+										log.fatal("Could not detect completed Icon beside Insecure Direct Object Reference Lesson");
+										log.error("Could not find : <img src='css/images/completed.png'/><a class='lesson' id='"+inscureDirectObjectLesson + " in " + lessonsMenu);
+										fail("Completed Module Did not Have Completed Symbol");
+									}
+								}
+								else
+								{
+									log.fatal("Could not find Insecure Direct Object References ModuleID in: " + lessonsMenu);
+									fail("Could not find Insecure Direct Object References ModuleID in Response");
+								}
+							}
+							else
+							{
+								log.fatal("Could not find lesson list items in repsonse" + lessonsMenu);
+								fail("Could not find Lesson List Items in Response");
+							}
+						}
+						else
+							fail("Could not mark module as complete");
+					}
+					else
+					{
+						fail("Could not simulate opening module");
+					}
+				}
+				else
+				{
+					fail("Could not open All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	/**
+	 * Test to see if correct meny is returned from getLessons when modules are closed
+	 */
+	@Test
+	public void testGetLessonsWhenClosed() 
+	{
+		String userName = new String("getLessonsClosedUser");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First
+				if(Setter.closeAllModules(applicationRoot))
+				{
+					String lessonsMenu = Getter.getLessons(applicationRoot, userId, locale);
+					if(lessonsMenu.indexOf("class='lesson'") == -1) //Menu Should not include this when modules closed
+					{
+						if(lessonsMenu.indexOf("No lessons found") > -1) //English string should exist in output based on the submitted locale
+						{
+							log.debug("PASS: GetLessons Menu Appears to have Rendered correctly with the Preconditions of this test");
+							return;
+						}
+						else
+						{
+							log.fatal("Could not find i18n English String in lessons Menu: " + lessonsMenu);
+							fail("Could not Detect i18n Locale Strings In Lessons Menu");
+						}
+					}
+				}
+				else
+				{
+					fail("Could not close All Modules");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetModuleAddress() 
+	{
+		String userName = new String("userGetModuleAddress");
+		String insecureCryptoLesson = new String("201ae6f8c55ba3f3b5881806387fbf34b15c30c2");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the Module Can Be Opened
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, insecureCryptoLesson, userId).isEmpty())
+					{
+						log.debug("PASS: Could mark level open when level was marked as open");
+						return;
+					}
+					else
+						fail("Could not Insecure Crypto Lesson as Opened by user");
+				}
+				else
+					fail("Could not Open All Modules");
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetModuleAddressWhenClosed() 
+	{
+		String userName = new String("userGetModuleAddressTwo");
+		String insecureCryptoLesson = new String("201ae6f8c55ba3f3b5881806387fbf34b15c30c2");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Close all modules first
+				if(Setter.closeAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(Getter.getModuleAddress(applicationRoot, insecureCryptoLesson, userId).isEmpty())
+					{
+						log.debug("PASS: Could not get Module URL when Module Closed");
+					}
+					else
+						fail("Could Get Module Address when marked as closed");
+				}
+				else
+					fail("Could not Close All Modules");
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetModuleCategory() 
+	{
+		String insecureCryptoLesson = new String("201ae6f8c55ba3f3b5881806387fbf34b15c30c2");
+		if(Getter.getModuleCategory(applicationRoot, insecureCryptoLesson).compareTo("Insecure Cryptographic Storage") != 0)
+		{
+			fail("Incorrect Category Returned for Insecure Crypto Lesson");
+		}
+		else
+		{
+			log.debug("PASS: Expected Category Returned");
+		}
+	}
+
+	@Test
+	public void testGetModuleHash() 
+	{
+		String insecureCryptoLesson = new String("201ae6f8c55ba3f3b5881806387fbf34b15c30c2");
+		if(Getter.getModuleHash(applicationRoot, insecureCryptoLesson).compareTo("if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2") != 0)
+		{
+			fail("Incorrect Hash Returned for Insecure Crypto Lesson");
+		}
+		else
+		{
+			log.debug("PASS: Expected Hash Returned");
+		}
+	}
+	
+	@Test
+	public void testGetModuleIdFromHash() 
+	{
+		String insecureCryptoLesson = new String("201ae6f8c55ba3f3b5881806387fbf34b15c30c2");
+		if(Getter.getModuleIdFromHash(applicationRoot, Getter.getModuleHash(applicationRoot, insecureCryptoLesson)).compareTo(insecureCryptoLesson) != 0)
+		{
+			fail("Incorrect moduleId Returned for Insecure Crypto Lesson Hash Search");
+		}
+		else
+		{
+			log.debug("PASS: Expected Id Returned");
+		}
+	}
+	
+	@Test
+	public void testGetModuleKeyTypeEncryptedKey() 
+	{
+		String csrfChallengeThree = new String("5ca9115f3279b9b9f3308eb6a59a4fcd374846d6");
+		if(!Getter.getModuleKeyType(applicationRoot, csrfChallengeThree))
+		{
+			log.debug("PASS: Encrypted Key Detected on Encrypted Level");
+		}
+		else
+		{
+			log.fatal("Hardcoded Key Detected On Encrypted Key Module");
+			fail("Hardcoded Key Detected On Encrypted Key Module");
+		}
+	}
+	
+	@Test
+	public void testGetModuleKeyTypeHardcodedKey() 
+	{
+		String insecureCryptoLesson = new String("201ae6f8c55ba3f3b5881806387fbf34b15c30c2");
+		if(Getter.getModuleKeyType(applicationRoot, insecureCryptoLesson))
+		{
+			log.debug("PASS: Hardcoded Key Detected on Hardcoded Level");
+		}
+		else
+		{
+			log.fatal("Encrypted Key Detected On Hardcoded Key Module");
+			fail("Encrypted Key Detected On Hardcoded Key Module");
+		}
+	}
+	
+	@Test
+	public void testGetModuleNameLocaleKey()
+	{
+		try
+		{
+			String moduleId = new String("0dbea4cb5811fff0527184f99bd5034ca9286f11"); //Insecure Direct Object References Module Id
+			String moduleName = new String("Insecure Direct Object References");
+			String moduleLocalNameKey = Getter.getModuleNameLocaleKey(applicationRoot, moduleId);
+			ResourceBundle bundle = ResourceBundle.getBundle("i18n.moduleGenerics.moduleNames", locale);
+			String localName = bundle.getString(moduleLocalNameKey);
+			if(localName.compareTo(moduleName) != 0)
+			{
+				log.error(localName + " != " + moduleName);
+				fail("Name Retrieved != expected result");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not complete testGetModuleNameLocaleKey: " + e.toString());
+			fail("Could not complete testGetModuleNameLocaleKey");
+		}
+	}
+	
+	/**
+	 * Test to return stored result key from DB via getModuleResult Function
+	 */
+	@Test
+	public void testGetModuleResult()
+	{
+		String insecureCryptoLesson = new String("201ae6f8c55ba3f3b5881806387fbf34b15c30c2");
+		String knownStoredResult = new String("base64isNotEncryptionBase64isEncodingBase64HidesNothingFromYou");
+		String methodReturnResult = Getter.getModuleResult(applicationRoot, insecureCryptoLesson);
+		if(knownStoredResult.compareTo(methodReturnResult) != 0)
+		{
+			log.fatal("Known Result (" + knownStoredResult + ") did not match returned result (" + methodReturnResult + ")");
+			fail("Stored and Known Results Differed");
+		}
+	}
+	
+	/**
+	 * Test to return stored result key from DB via getModuleResultFromHash Function
+	 */
+	@Test
+	public void testGetModuleResultFromHash() 
+	{
+		String insecureCryptoLessonHash = new String("if38ebb58ea2d245fa792709370c00ca655fded295c90ef36f3a6c5146c29ef2");
+		String knownStoredResult = new String("base64isNotEncryptionBase64isEncodingBase64HidesNothingFromYou");
+		String methodReturnResult = Getter.getModuleResultFromHash(applicationRoot, insecureCryptoLessonHash);
+		if(knownStoredResult.compareTo(methodReturnResult) != 0)
+		{
+			log.fatal("Known Result (" + knownStoredResult + ") did not match returned result (" + methodReturnResult + ")");
+			fail("Stored and Known Results Differed");
+		}
+	}
+
+	/**
+	 * Function should return the entire list of modules regardless of status in options tags
+	 */
+	@Test
+	public void testGetModulesInOptionTags() 
+	{
+		String insecureCryptoLesson = new String("201ae6f8c55ba3f3b5881806387fbf34b15c30c2");
+		String modules = Getter.getModulesInOptionTags(applicationRoot);
+		if(modules.indexOf(insecureCryptoLesson) == -1)
+		{
+			log.fatal("Insecure Crypto Lesson ID Ommited from list: " + modules);
+			fail("Entire List of Modules not returned");
+		}
+		else if(modules.indexOf("option") == -1)
+		{
+			log.fatal("No Options Tags Detected in List: " + modules);
+			fail("No Options Tags Detected in List");
+		}
+	}
+	
+	@Test
+	public void testGetModulesInOptionTagsCTF() 
+	{
+		String lowestRankLevel = new String("0dbea4cb5811fff0527184f99bd5034ca9286f11");
+		String modules = Getter.getModulesInOptionTagsCTF(applicationRoot);
+		if(modules.indexOf(lowestRankLevel) == -1)
+		{
+			log.fatal("Insecure Crypto Lesson ID Ommited from list: " + modules);
+			fail("Entire List of Modules not returned");
+		}
+		else if(modules.indexOf("option") == -1)
+		{
+			log.fatal("No Options Tags Detected in List: " + modules);
+			fail("No Options Tags Detected in List");
+		}
+		else if(!modules.startsWith("<option value='" + lowestRankLevel))
+		{
+			log.fatal("Wrong Module Listed First. Should be module with lowest incremental Rank: " + modules);
+			fail("First option tag was not the lowest ranking level");
+		}
+	}
+
+	@Test
+	public void testGetModuleSolution() 
+	{
+		String insecureDirectObjectReferenceLesson = new String("0dbea4cb5811fff0527184f99bd5034ca9286f11");
+		String[] moduleSolution = Getter.getModuleSolution(applicationRoot, insecureDirectObjectReferenceLesson, locale);
+		if(moduleSolution == null)
+		{
+			fail("Could not retrieve module solution");
+		}
+		else if(moduleSolution[1].indexOf("Stop the request") == -1)
+		{
+			log.fatal("Could not find 'Stop the request' in the following solution: " + moduleSolution[1]);
+			fail("Could not find english string in solution");
+		}
+	}
+	
+	/**
+	 * Test to see if the module status menu is correct when all modules are open
+	 */
+	@Test
+	public void testGetModuleStatusMenu() 
+	{
+		String dataStorageLessonId = new String("53a53a66cb3bf3e4c665c442425ca90e29536edd");
+		String insecureDirectObjectReferenceLesson = new String("0dbea4cb5811fff0527184f99bd5034ca9286f11");
+		if(Setter.openAllModules(applicationRoot))
+		{
+			String moduleStatusMenu = Getter.getModuleStatusMenu(applicationRoot);
+			if(moduleStatusMenu.indexOf("<tr><th>To Open</th><th>To Close</th></tr><tr>") == -1)
+			{
+				log.fatal("No Menu Header in ModuleStatusMenu: " + moduleStatusMenu);
+				fail("No Menu Header in moduleStatusMenu");
+			}
+			else if(moduleStatusMenu.indexOf("id='toOpen'") == -1)
+			{
+				log.fatal("No Open Menu Detected in Output: " + moduleStatusMenu);
+				fail("No Open Meny Detected in Output");
+			}
+			else if(moduleStatusMenu.indexOf("id='toClose'") == -1)
+			{
+				log.fatal("No Close Menu Detected in Output: " + moduleStatusMenu);
+				fail("No Close Meny Detected in Output");
+			}
+			else if(moduleStatusMenu.indexOf("id='toOpen'></select></td>") < 0) //Should be empty as all modules should be open
+			{
+				log.fatal("Modules are in the 'toOpen' list when all modules should already be open: " + moduleStatusMenu);
+				fail("Modules are in the 'toOpen' list when all modules should already be open");
+			}
+			else
+			{
+				//Make Sub String for the toClose List
+				int endOfToCloseMenu = moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toClose'>")).indexOf("</select>")+(moduleStatusMenu.length() - moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toClose'>")).length());
+				String toCloseList = moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toClose'>"), endOfToCloseMenu);
+				log.debug("Close List: " + toCloseList);
+				if(toCloseList.indexOf(insecureDirectObjectReferenceLesson) == -1)
+				{
+					log.fatal("Could not Find Insecure Direct Object Reference in toClose List");
+					fail("Could not Find Insecure Direct Object Reference in toClose List");
+				}
+				else if (toCloseList.indexOf(dataStorageLessonId) == -1)
+				{
+					log.fatal("Could not Find Insecure Data Storage in toClose List");
+					fail("Could not Find Insecure Data Storage in toClose List");
+				}
+				else
+				{
+					return; //PASS
+				}
+			}
+		}
+		else
+		{
+			fail("Could not open all modules");
+		}
+	}
+	
+	/**
+	 * Test to see if the module status menu is correct when all modules are open
+	 */
+	@Test
+	public void testGetModuleStatusMenuWhenClosed() 
+	{
+		String dataStorageLessonId = new String("53a53a66cb3bf3e4c665c442425ca90e29536edd");
+		String insecureDirectObjectReferenceLesson = new String("0dbea4cb5811fff0527184f99bd5034ca9286f11");
+		if(Setter.closeAllModules(applicationRoot))
+		{
+			String moduleStatusMenu = Getter.getModuleStatusMenu(applicationRoot);
+			if(moduleStatusMenu.indexOf("<tr><th>To Open</th><th>To Close</th></tr><tr>") == -1)
+			{
+				log.fatal("No Menu Header in ModuleStatusMenu: " + moduleStatusMenu);
+				fail("No Menu Header in moduleStatusMenu");
+			}
+			else if(moduleStatusMenu.indexOf("id='toOpen'") == -1)
+			{
+				log.fatal("No Open Menu Detected in Output: " + moduleStatusMenu);
+				fail("No Open Meny Detected in Output");
+			}
+			else if(moduleStatusMenu.indexOf("id='toClose'") == -1)
+			{
+				log.fatal("No Close Menu Detected in Output: " + moduleStatusMenu);
+				fail("No Close Meny Detected in Output");
+			}
+			else if(moduleStatusMenu.indexOf("id='toClose'></select></td>") < 0) //Should be empty as all modules should be closed
+			{
+				log.fatal("Modules are in the 'toClose' list when all modules should already be closed: " + moduleStatusMenu);
+				fail("Modules are in the 'toClose' list when all modules should already be closed");
+			}
+			else
+			{
+				//Make Sub String for the toOpen List
+				int endOfToOpenMenu = moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toOpen'>")).indexOf("</select>")+(moduleStatusMenu.length() - moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toOpen'>")).length());
+				String toOpenList = moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toOpen'>"), endOfToOpenMenu);
+				log.debug("Open List: " + toOpenList);
+				if(toOpenList.indexOf(insecureDirectObjectReferenceLesson) == -1)
+				{
+					log.fatal("Could not Find Insecure Direct Object Reference in toOpen List");
+					fail("Could not Find Insecure Direct Object Reference in toOpen List");
+				}
+				else if (toOpenList.indexOf(dataStorageLessonId) == -1)
+				{
+					log.fatal("Found Insecure Data Storage in toOpen List when it should already be open");
+					fail("Found Insecure Data Storage in toOpen List when it should already be open");
+				}
+				else
+				{
+					return; //PASS
+				}
+			}
+		}
+		else
+		{
+			fail("Could not close all modules");
+		}
+	}
+	
+	/**
+	 * Test to see if the module status menu is correct when all modules are open
+	 */
+	@Test
+	public void testGetModuleStatusMenuWhenMobileOnlyOpen() 
+	{
+		String dataStorageLessonId = new String("53a53a66cb3bf3e4c665c442425ca90e29536edd");
+		String insecureDirectObjectReferenceLesson = new String("0dbea4cb5811fff0527184f99bd5034ca9286f11");
+		if(Setter.openOnlyMobileCategories(applicationRoot))
+		{
+			String moduleStatusMenu = Getter.getModuleStatusMenu(applicationRoot);
+			if(moduleStatusMenu.indexOf("<tr><th>To Open</th><th>To Close</th></tr><tr>") == -1)
+			{
+				log.fatal("No Menu Header in ModuleStatusMenu: " + moduleStatusMenu);
+				fail("No Menu Header in moduleStatusMenu");
+			}
+			else if(moduleStatusMenu.indexOf("id='toOpen'") == -1)
+			{
+				log.fatal("No Open Menu Detected in Output: " + moduleStatusMenu);
+				fail("No Open Meny Detected in Output");
+			}
+			else if(moduleStatusMenu.indexOf("id='toClose'") == -1)
+			{
+				log.fatal("No Close Menu Detected in Output: " + moduleStatusMenu);
+				fail("No Close Meny Detected in Output");
+			}
+			else if(moduleStatusMenu.indexOf("id='toClose'></select></td>") > 0) //Should not be empty as Web Levels should be closed
+			{
+				log.fatal("Modules are in the 'toClose' list when web modules should already be closed: " + moduleStatusMenu);
+				fail("Modules are in the 'toClose' list when web modules should already be closed");
+			}
+			else if(moduleStatusMenu.indexOf("id='toOpen'></select></td>") > 0) //Should not be empty as Mobile Levels should be open
+			{
+				log.fatal("Modules are in the 'toOpen' list when mobile modules should already be closed: " + moduleStatusMenu);
+				fail("Modules are in the 'toOpen' list when mobile modules should already be closed");
+			}
+			else
+			{
+				//Make Sub String for the toOpen List
+				int endOfToOpenMenu = moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toOpen'>")).indexOf("</select>")+(moduleStatusMenu.length() - moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toOpen'>")).length());
+				String toOpenList = moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toOpen'>"), endOfToOpenMenu);
+				//Make Sub String for the toClose List
+				int endOfToCloseMenu = moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toClose'>")).indexOf("</select>")+(moduleStatusMenu.length() - moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toClose'>")).length());
+				String toCloseList = moduleStatusMenu.substring(moduleStatusMenu.indexOf("id='toClose'>"), endOfToCloseMenu);
+				log.debug("Open List: " + toOpenList);
+				log.debug("Close List: " + toCloseList);
+				if(toCloseList.indexOf(dataStorageLessonId) == -1)
+				{
+					log.fatal("Could not Find Insecure Data Storage in toOpen List");
+					fail("Could not Find Insecure Data Storage in toOpen List");
+				}
+				else if (toOpenList.indexOf(insecureDirectObjectReferenceLesson) == -1)
+				{
+					log.fatal("Could not Find Insecure Direct Object Reference in toOpen List");
+					fail("Could not Find Insecure Direct Object Reference in toOpen List");
+				}
+				else
+				{
+					//Verify the correct number of modules are open/closed (At this point the Menu is fine. This is really now testing the mobile/web setter filters)
+					int numberOfMobileLevelsOpen = (toCloseList.length() - toCloseList.replace("<option", "").length()) / "<option".length();
+					log.debug(numberOfMobileLevelsOpen + " mobile levels detected");
+					int numberOfWebLevelsClosed =(toOpenList.length() - toOpenList.replace("<option", "").length()) / "<option".length();
+					log.debug(numberOfWebLevelsClosed + " web levels detected");
+					int mobileDbModuleCount = 0;
+					int webDbModuleCount = 0;
+					Connection conn = Database.getCoreConnection(applicationRoot);
+					try
+					{
+						log.debug("Getting Number of Mobile Levels From DB");
+						PreparedStatement prepStatement = conn.prepareStatement("SELECT COUNT(*) FROM MODULES WHERE " + Setter.mobileModuleCategoryHardcodedWhereClause);
+						log.debug("Executing Query");
+						ResultSet resultSet = prepStatement.executeQuery();
+						resultSet.next();
+						mobileDbModuleCount = resultSet.getInt(1);
+						resultSet.close();
+						log.debug("Getting Number of Web Levels from DB");
+						prepStatement = conn.prepareStatement("SELECT COUNT(*) FROM MODULES WHERE " + Setter.webModuleCategoryHardcodedWhereClause);
+						resultSet = prepStatement.executeQuery();
+						resultSet.next();
+						webDbModuleCount = resultSet.getInt(1);
+						resultSet.close();
+					}
+					catch(SQLException e)
+					{
+						log.debug("Could not query DB Failure: " + e.toString());
+						fail("Failed to Query DB For Module Count");
+					}
+					Database.closeConnection(conn);
+					if(mobileDbModuleCount != numberOfMobileLevelsOpen)
+					{
+						fail("There are " + numberOfMobileLevelsOpen + " mobile levels in open list, but there are " + mobileDbModuleCount + " in the DB");
+					}
+					else if(webDbModuleCount != numberOfWebLevelsClosed)
+					{
+						fail("There are " + numberOfWebLevelsClosed + " web levels in open list, but there are " + webDbModuleCount + " in the DB");
+					}
+					else if((mobileDbModuleCount+webDbModuleCount) != (numberOfMobileLevelsOpen+numberOfWebLevelsClosed))
+					{
+						fail("There are module categories missing from the Setter hardcoded module filters.");
+					}
+					else
+					{
+						return; //Pass
+					}
+				}
+			}
+		}
+		else
+		{
+			fail("Could not close all modules");
+		}
+	}
+	
+	@Test
+	public void testGetOpenCloseCategoryMenu() 
+	{
+		String moduleCategory = "Injection"; //This will need to be updated to a locale key when this method is enhansed to support localisation
+		String categoryMenu = Getter.getOpenCloseCategoryMenu(applicationRoot);
+		if(categoryMenu.indexOf("option") == -1)
+		{
+			fail("Category Menu does not have any option tags");
+		}
+		else if(categoryMenu.indexOf(moduleCategory) == -1)
+		{
+			fail("Category Menu does not have the " + categoryMenu + " category");
+		}
+	}
+	
+	@Test
+	public void testGetPlayersByClass() 
+	{
+		try
+		{
+			String classId = findCreateClassId("playersByClass");
+			String userName = new String("playersByClass");
+			for(int i = 0; i <= 9; i++)
+			{
+				if(verifyTestUser(applicationRoot, userName+i, userName+i, classId))
+				{
+					log.debug("Created User " + userName+i);
+				}
+				else
+				{
+					fail("Could not create user " + userName+i);
+				}
+			}
+			ResultSet playersByClass = Getter.getPlayersByClass(applicationRoot, classId);
+			try
+			{
+				int i = 0;
+				while(playersByClass.next())
+				{
+					i++; //Count the players returned
+					if(!playersByClass.getString(2).startsWith(userName))
+					{
+						log.fatal("Found Unexpected User: " + playersByClass.getString(2));
+						fail("Incorrect User from Different Class Returned");
+					}
+				}
+				if(i != 9)
+				{
+					if(i < 9)
+						fail("Too Few Users Returned");
+					else if (i > 9)
+						fail("Too Many Users Returned");
+					else
+					{
+						log.fatal("Then surely the number WAS 9? How did this happen");
+						fail("Incorrect Amount of Users Returned");
+					}
+				}
+			}
+			catch(Exception e)
+			{
+				log.fatal("Failed to itterate through playersByClass: " + e.toString());
+				fail("Players By Class Result Set Issue");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not create Class/Users: " + e.toString());
+			fail("Could not create Class/Users");
+		}
+	}
+	
+	@Test
+	public void testGetProgress() 
+	{
+		String userName = new String("progressUser1");
+		String className = new String("progressClass1");
+		String otherUserName = new String("progressUser2");
+		String otherClassName = new String("progressClass2");
+		String anotherUserName = new String("progressClass3");
+		String classId = new String();
+		String classId2 = new String();
+		String insecureDirectObjectRefLesson = "0dbea4cb5811fff0527184f99bd5034ca9286f11"; //Direct Object Reference Module
+		try
+		{
+			try
+			{
+				classId = findCreateClassId(className);
+				classId2 = findCreateClassId(otherClassName);
+			}
+			catch(Exception e)
+			{
+				log.fatal("Could not Find or Create Class : " + e.toString());
+				fail("Could not Create or Find Classes");
+			}
+			if(verifyTestUser(applicationRoot, userName, userName, classId) &&
+				verifyTestUser(applicationRoot, anotherUserName, anotherUserName, classId) &&
+				verifyTestUser(applicationRoot, otherUserName, otherUserName, classId2))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String otherUserId = Getter.getUserIdFromName(applicationRoot, otherUserName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(Getter.getModuleAddress(applicationRoot, insecureDirectObjectRefLesson, userId).isEmpty())
+					{
+						fail("Could not Simulate Opening Level for User 1");
+					} 
+					else if(Getter.getModuleAddress(applicationRoot, insecureDirectObjectRefLesson, otherUserId).isEmpty())
+					{
+						fail("Could not Simulate Opening Level for User 1");
+					}
+					else
+					{
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, userId, "Feedback is Disabled", 1, 1, 1);
+						if(markLevelCompleteTest != null)
+							markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, otherUserId, "Feedback is Disabled", 1, 1, 1);
+						else 
+							fail("Could Not Mark Level as complete by User 1");
+						if (markLevelCompleteTest != null)
+						{
+							String classProgress = Getter.getProgress(applicationRoot, classId);
+							if(classProgress.indexOf(otherClassName) > 0)
+							{
+								fail("User from wrong class is listed in getProgress response");
+							}
+							else if(classProgress.indexOf(userName) == -1)
+							{
+								fail("Could not find user from class in getProgress response");
+							} 
+							else if(classProgress.indexOf(anotherUserName) == -1)
+							{
+								fail("Could not find user who has made no progress in getProgress response");
+							}
+							else 
+							{
+								String userRowStart = new String(userName + "</td><td><div style='background-color: #A878EF; heigth: 25px; width: ");
+								int startOfProgressWidth = classProgress.indexOf(userRowStart)+userRowStart.length();
+								String firstCharacterOfLength = classProgress.substring(startOfProgressWidth, startOfProgressWidth+1);
+								int lengthOfProgress = Integer.parseInt(firstCharacterOfLength); //We dont care what number it is. As Long as it's not 0
+								if(lengthOfProgress == 0)
+								{
+									log.debug("Found int value: " + lengthOfProgress);
+									log.debug("Was working with this string: " + firstCharacterOfLength);
+									fail("Detected 0 Length for User when they have competed a level");
+								}
+								else
+								{
+									return; //PASS
+								}
+							}
+						}
+						else
+						{
+							fail("Could not Mark level as Complete by user 2");
+						}
+					}
+				}
+				else
+				{
+					fail("Could not Mark All Modules as Open");
+				}
+			}
+			else
+			{
+				fail("Could not Verify Users");
+			}
+		}
+		catch (Exception e)
+		{
+			log.fatal("Could not complete getProgress use case: " + e.toString());
+			fail("Could not Complete getProgress use case");
+		}
+	}
+	
+	@Test
+	public void testGetProgressJSON() 
+	{
+		String userName = new String("jsonProgress1");
+		String className = new String("jsonProgressC");
+		String otherUserName = new String("jsonProgress2");
+		String otherClassName = new String("jsonProgressC2");
+		String anotherUserName = new String("jsonProgress3");
+		String classId = new String();
+		String classId2 = new String();
+		String insecureDirectObjectRefLesson = "0dbea4cb5811fff0527184f99bd5034ca9286f11"; //Direct Object Reference Module
+		try
+		{
+			try
+			{
+				classId = findCreateClassId(className);
+				classId2 = findCreateClassId(otherClassName);
+			}
+			catch(Exception e)
+			{
+				log.fatal("Could not Find or Create Class : " + e.toString());
+				fail("Could not Create or Find Classes");
+			}
+			if(verifyTestUser(applicationRoot, userName, userName, classId) &&
+				verifyTestUser(applicationRoot, anotherUserName, anotherUserName, classId) &&
+				verifyTestUser(applicationRoot, otherUserName, otherUserName, classId2))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String otherUserId = Getter.getUserIdFromName(applicationRoot, otherUserName);
+				//Open all Modules First
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(Getter.getModuleAddress(applicationRoot, insecureDirectObjectRefLesson, userId).isEmpty())
+					{
+						fail("Could not Simulate Opening Level for User 1");
+					} 
+					else if(Getter.getModuleAddress(applicationRoot, insecureDirectObjectRefLesson, otherUserId).isEmpty())
+					{
+						fail("Could not Simulate Opening Level for User 1");
+					}
+					else
+					{
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, userId, "Feedback is Disabled", 1, 1, 1);
+						if(markLevelCompleteTest != null)
+							markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, insecureDirectObjectRefLesson, otherUserId, "Feedback is Disabled", 1, 1, 1);
+						else 
+							fail("Could Not Mark Level as complete by User 1");
+						if (markLevelCompleteTest != null)
+						{
+							String jsonProgressString = Getter.getProgressJSON(applicationRoot, classId);
+							if(jsonProgressString.indexOf(otherClassName) > 0)
+							{
+								fail("User from wrong class is listed in getJsonProgress response");
+							}
+							else if(jsonProgressString.indexOf(userName) == -1)
+							{
+								fail("Could not find user from class in getJsonProgress response");
+							} 
+							else if(jsonProgressString.indexOf(anotherUserName) == -1)
+							{
+								fail("Could not find user who has made no progress in getJsonProgress response");
+							}
+							else 
+							{
+								log.debug("Going through JsonArray");
+								//Take the JSON String and make it Java JSON friendly
+								JSONArray jsonProgress = (JSONArray)JSONValue.parse(jsonProgressString);
+								//Loop through array to find Our user
+								for(int i = 0; i < jsonProgress.size(); i++)
+								{
+									JSONObject userProgress = (JSONObject)jsonProgress.get(i);
+									if(userProgress.get("userName").toString().compareTo(userName) == 0)
+									{
+										int progressBar = Integer.parseInt(userProgress.get("progressBar").toString());
+										if(progressBar <= 0)
+										{
+											fail("User has no progress according to response when they have completed a level");
+										}
+									}
+									else if(userProgress.get("userName").toString().compareTo(anotherUserName) == 0)
+									{
+										int progressBar = Integer.parseInt(userProgress.get("progressBar").toString());
+										if(progressBar != 0)
+										{
+											fail("User that has done nothing has progress != 0");
+										}
+									}
+								}
+							}
+						}
+						else
+						{
+							fail("Could not Mark level as Complete by user 2");
+						}
+					}
+				}
+				else
+				{
+					fail("Could not Mark All Modules as Open");
+				}
+			}
+			else
+			{
+				fail("Could not Verify Users");
+			}
+		}
+		catch (Exception e)
+		{
+			log.fatal("Could not complete getJsonProgress use case: " + e.toString());
+			fail("Could not Complete getJsonProgress use case");
+		}
+	}
+	
+	/**
+	 * Tests the Tournament Floor Plan when all modules are opened
+	 */
+	@Test
+	public void testGetTournamentModules() 
+	{
+		String userName = new String("allOpenTournUser");
+		String dataStorageLessonId = new String("53a53a66cb3bf3e4c665c442425ca90e29536edd");
+		String insecureDirectObjectReferenceLesson = new String("0dbea4cb5811fff0527184f99bd5034ca9286f11");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the GetAllModuleInfo method will return data
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, dataStorageLessonId, userId).isEmpty())
+					{
+						//Then, Mark the Challenge Complete for user (Insecure Data Storage Lesson)
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, dataStorageLessonId, userId, "Feedback is Disabled", 1, 1, 1);
+						if (markLevelCompleteTest != null)
+						{
+							String tournamentModules = Getter.getTournamentModules(applicationRoot, userId, locale);
+							if(!tournamentModules.isEmpty()) //Some Modules were included in response
+							{
+								//Get number of Challenges returned by getChallenges method
+								int numberofChallengesReturned = (tournamentModules.length() - tournamentModules.replace("class='lesson'", "").length()) / "class='lesson'".length();
+								if(numberofChallengesReturned > totalNumberOfModulesInShepherd)
+								{
+									log.debug("Found " + numberofChallengesReturned + " modules");
+									if(!tournamentModules.contains("Corporal")) //English String Expected to be in the response when submitted with the locale for this unit test
+									{
+										fail("Could not detect i18n English String in Tournament Output");
+									}
+									else if(tournamentModules.indexOf("<img src='css/images/completed.png'/><a class='lesson' id='"+dataStorageLessonId) == -1)
+									{
+										fail("Data Storage Lesson was not marked as complete in Tournament Menu");
+									}
+									else if(tournamentModules.indexOf("<img src='css/images/uncompleted.png'/><a class='lesson' id='"+insecureDirectObjectReferenceLesson) == -1)
+									{
+										fail("Could not Detect Direct Object Ref Lesson Uncomplete Image");
+									}
+								}
+								else
+								{
+									log.debug("Too Few Challenges Returned to pass: " + numberofChallengesReturned + " returned");
+									fail("Too Few Challenges Returned to Pass");
+								}
+							}
+							else
+							{
+								log.fatal("No Modules Returned. Empty String");
+								fail("No Modules Returned");
+							}
+						}
+						else
+						{
+							fail("Could not mark Module as Complete");
+						}
+					}
+					else
+					{
+						fail("Could not simulate user opening module");
+					}
+				}
+				else
+				{
+					fail("Could Not Mark Modules as Open Before Test");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	/**
+	 * Tests the Tournament Floor Plan when modules are closed
+	 */
+	@Test
+	public void testGetTournamentModulesClosed() 
+	{
+		String userName = new String("closedTournUser");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the GetAllModuleInfo method will return data
+				if(Setter.closeAllModules(applicationRoot))
+				{
+					String tournamentModules = Getter.getTournamentModules(applicationRoot, userId, locale);
+					if(!tournamentModules.contains("No Modules Found"))
+					{
+						fail("Could not detect 'No Modules Found' i18n String");
+					}
+				}
+				else
+				{
+					fail("Could Not Mark Modules as Closed Before Test");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	/**
+	 * Tests the Tournament Floor Plan when only one module is opened
+	 */
+	@Test
+	public void testGetTournamentModulesOnlyOneOpen() 
+	{
+		String userName = new String("allOpenTournUserNone");
+		String sessionManagement8 = new String("7153290d128cfdef5f40742dbaeb129a36ac2340");
+		String insecureDirectObjectReferenceLesson = new String("0dbea4cb5811fff0527184f99bd5034ca9286f11");
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the GetAllModuleInfo method will return data
+				if(Setter.closeAllModules(applicationRoot))
+				{
+					if(!Setter.setModuleStatusOpen(applicationRoot, sessionManagement8))
+					{
+						fail("Could not open Session management Challenge 8");
+					}
+					else
+					{
+						String tournamentModules = Getter.getTournamentModules(applicationRoot, userId, locale);
+						if(!tournamentModules.isEmpty()) //Some Modules were included in response
+						{
+							//Get number of Challenges returned by getChallenges method
+							int numberofChallengesReturned = (tournamentModules.length() - tournamentModules.replace("class='lesson'", "").length()) / "class='lesson'".length();
+							if(numberofChallengesReturned == 1)
+							{
+								log.debug("Found " + numberofChallengesReturned + " module");
+								if(!tournamentModules.contains("Admiral")) //English String Expected to be in the response when submitted with the locale for this unit test
+								{
+									fail("Could not detect i18n English String Admiral in Tournament Output");
+								}
+								else if(tournamentModules.indexOf("<img src='css/images/uncompleted.png'/><a class='lesson' id='"+sessionManagement8) == -1)
+								{
+									fail("Could not Detect Session Management Challenge 8 Uncomplete Image");
+								}
+								else if(tournamentModules.contains(insecureDirectObjectReferenceLesson))
+								{
+									fail("Detected closed module returned in Tournament Response");
+								}
+								else if(tournamentModules.contains("Private"))
+								{
+									fail("Detected Private Header Even with no levels from that Band Open");
+								}
+							}
+							else
+							{
+								log.debug("More than one module returned: " + tournamentModules);
+								fail("More than one module returned in Single Tournament Test");
+							}
+						}
+						else
+						{
+							log.fatal("No Modules Returned. Empty String");
+							fail("No Modules Returned in Tournament Mode");
+						}
+					}
+				}
+				else
+				{
+					fail("Could Not Mark Modules as Closed Before Test");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testGetUserName()
+	{
+		String userName = new String("getUserNameUser");
+		try 
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String testUserName = Getter.getUserName(applicationRoot, userId);
+				if(testUserName.compareTo(userName) != 0)
+				{
+					fail("Known user name and Retrieved user names are different");
+				}
+			}
+		} 
+		catch (Exception e) 
+		{
+			log.fatal("Could not Verify Test User: " + e.toString());
+			fail("Could not Create/Verify Test User");
+		}
+		
+	}
+	
+	@Test
+	public void testIsCsrfLevelCompleteIncrementedCounter() 
+	{
+		String userName = new String("csrfCounterIncremented");
+		String csrfChallengeOne = new String("20e755179a5840be5503d42bb3711716235005ea"); //CSRF Challenge 1 (Should have CSRF Counter of 0 for new user)
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the Module Can Be Opened
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, csrfChallengeOne, userId).isEmpty())
+					{
+						//Increment Challenge CSRF Counter
+						if(Setter.updateCsrfCounter(applicationRoot, csrfChallengeOne, userId))
+						{
+							if(Getter.isCsrfLevelComplete(applicationRoot, csrfChallengeOne, userId))
+							{
+								return; //Pass, because CSRF level is completed after the user CSRF counter was incremented
+							}
+							else
+							{
+								fail("CSRF 1 not completed after successful increment");
+							}
+						}
+						else
+						{
+							fail("Could not Increment user Counter for CSRF 1");
+						}
+					}
+					else
+					{
+						fail("Could not Mark CSRF 1 as opened by user");
+					}
+				}
+				else
+				{
+					fail("Could not Mark Modules as Opened");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+	
+	@Test
+	public void testIsCsrfLevelCompleteWithoutIncrementedCounter() 
+	{
+		String userName = new String("csrfCounterWithoutInc");
+		String csrfChallengeTwo = new String("94cd2de560d89ef59fc450ecc647ff4d4a55c15d"); //CSRF Challenge 2 (Should have CSRF Counter of 0 for new user
+		try
+		{
+			if(verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Open all Modules First so that the Module Can Be Opened
+				if(Setter.openAllModules(applicationRoot))
+				{
+					//Simulate user Opening Level
+					if(!Getter.getModuleAddress(applicationRoot, csrfChallengeTwo, userId).isEmpty())
+					{
+						if(!Getter.isCsrfLevelComplete(applicationRoot, csrfChallengeTwo, userId))
+						{
+							return; //Pass, because CSRF level is not completed because the CSRF Counter for the user is 0
+						}
+						else
+						{
+							fail("CSRF 2 marked completed without increment"); // CSRF 2 Challenge should have a counter of 0 and should not return true. 
+						}
+					}
+					else
+					{
+						fail("Could not Mark CSRF 2 as opened by user");
+					}
+				}
+				else
+				{
+					fail("Could not mark All Modules as Opened");
+				}
+			}
+			else
+			{
+				fail("Could not verify user (No Exception Failure)");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Verify User " + userName);
+		}
+	}
+}
diff --git a/SecurityShepherdCore/test/dbProcs/SetterTest.java b/SecurityShepherdCore/test/dbProcs/SetterTest.java
new file mode 100644
index 000000000..dab91370c
--- /dev/null
+++ b/SecurityShepherdCore/test/dbProcs/SetterTest.java
@@ -0,0 +1,986 @@
+package dbProcs;
+
+import static org.junit.Assert.*;
+
+import java.sql.CallableStatement;
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+
+import org.apache.log4j.Logger;
+import org.json.simple.JSONArray;
+import org.json.simple.JSONObject;
+import org.json.simple.JSONValue;
+import org.junit.Before;
+import org.junit.Test;
+
+import utils.Hash;
+import utils.ScoreboardStatus;
+
+public class SetterTest 
+{
+	private static org.apache.log4j.Logger log = Logger.getLogger(SetterTest.class);
+	private static String propertiesFileDirectory = new String("/site");
+	private static String applicationRoot = new String();
+	@Before
+	public void setUp()
+	{
+		applicationRoot = System.getProperty("user.dir") + propertiesFileDirectory;
+	}
+	
+	/**
+	 * Test to ensure class's can be created with this method. Other Unit Tests use this method, but not nessisarily every time, as a class may already exist.
+	 * This Method creates a random class name so it can run every time without failure
+	 */
+	@Test
+	public void testClassCreate() 
+	{
+		String random = Hash.randomKeyLengthString();
+		String className = "newC"+random;
+		if(!Setter.classCreate(applicationRoot, className, "2015"))
+		{
+			fail("Could not Create Class");
+		}
+		else
+		{
+			try
+			{
+				boolean pass = false;
+				ResultSet rs = Getter.getClassInfo(applicationRoot);
+				while(rs.next())
+				{
+					if(rs.getString(2).equalsIgnoreCase(className))
+					{
+						pass = true;
+						break;
+					}
+				}
+				if(!pass)
+				{
+					fail("Could not find class in DB");
+				}
+				else
+					return; // PASS
+			}
+			catch(Exception e)
+			{
+				log.fatal("Could not Find Created Class: " + e.toString());
+				fail("Could not Find Created Class");
+			}
+		}
+	}
+
+	@Test
+	public void testIncrementBadSubmission() 
+	{
+		String moduleId = "853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5"; //CSRF7
+		String userName = new String("BadSubUser");
+		try
+		{
+			if(GetterTest.verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				if(!Setter.openAllModules(applicationRoot))
+				{
+					fail("Could not mark all modules as open");
+				}
+				else
+				{
+					//Simulate user Opening Level
+					if(Getter.getModuleAddress(applicationRoot, moduleId, userId).isEmpty())
+					{
+						fail("Could not Simulate Opening First Level for User");
+					} 
+					else
+					{
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, moduleId, userId, "Feedback is Disabled", 1, 1, 1);
+						if (markLevelCompleteTest != null)
+						{
+							//Giving the User a Score Bump in case they have already completed CSRF7 and this is the 20th time the unit test has run
+							if(!Setter.updateUserPoints(applicationRoot, userId, 20))
+								fail("Could not give user extra points");
+							
+							int scoreBefore = 0;
+							ScoreboardStatus.setScoreboeardOpen();
+							String scoreboardData = Getter.getJsonScore(applicationRoot, "");
+							if(scoreboardData.isEmpty())
+							{
+								fail("Could not detect user in scoreboard before bad submission test");
+							}
+							else
+							{
+								JSONArray scoreboardJson = (JSONArray)JSONValue.parse(scoreboardData);
+								//Loop through array to find Our user
+								for(int i = 0; i < scoreboardJson.size(); i++)
+								{
+									log.debug("Looping through Array " + i);
+									JSONObject scoreRowJson = (JSONObject)scoreboardJson.get(i);
+									if(scoreRowJson.get("username").toString().compareTo(userName) == 0)
+									{
+										log.debug("Found user with score: " + scoreRowJson.get("score"));
+										scoreBefore = Integer.parseInt(scoreRowJson.get("score").toString());
+										break;
+									}
+								}
+								if(scoreBefore == 0)
+								{
+									log.fatal("Could not find user " + userName + " with score > 0: " + scoreboardData);
+									fail("User has score of 0 before BadSubmission Emulation");
+								}
+								
+								//Resetting resetBadSubmission count back to 0
+								if(!Setter.resetBadSubmission(applicationRoot, userId))
+									fail("Could not Reset bad submission count");
+								//Simulating 41 bad submissions
+								for(int i = 0; i <= 40; i++)
+									Setter.incrementBadSubmission(applicationRoot, userId);
+								
+								//Check Score again
+								int scoreAfter = 0;
+								scoreboardData = Getter.getJsonScore(applicationRoot, "");
+								scoreboardJson = (JSONArray)JSONValue.parse(scoreboardData);
+								//Loop through array to find Our user
+								for(int i = 0; i < scoreboardJson.size(); i++)
+								{
+									log.debug("Looping through Array " + i);
+									JSONObject scoreRowJson = (JSONObject)scoreboardJson.get(i);
+									if(scoreRowJson.get("username").toString().compareTo(userName) == 0)
+									{
+										log.debug("Found user with score: " + scoreRowJson.get("score"));
+										scoreAfter = Integer.parseInt(scoreRowJson.get("score").toString());
+										break;
+									}
+								}
+								
+								int expectedAfter = scoreBefore-(scoreBefore/10);
+								log.debug("expected score: " + expectedAfter);
+								if(scoreAfter != expectedAfter)//Checking exact number should be equal to and number below as well incase rounded d
+								{
+									log.debug("score before: " + scoreBefore);
+									log.debug("score after : " + scoreAfter);
+									log.debug("Expected After: " + expectedAfter);
+									int roundedUp = scoreAfter+1; 
+									if(roundedUp != expectedAfter)
+										fail("Invalid Score Deduction Detected");
+									else
+										return; // PASS
+								}
+								else
+								{
+									return; //Pass
+								}
+							}
+						}
+						else
+						{
+							fail("Could not Mark First level as complete");
+						}
+					}
+				}
+			}
+			else
+			{
+				fail("Could not Create/Verify User");
+			}
+		}
+		catch (Exception e)
+		{
+			log.fatal("Could not complete badSubmission Test: " + e.toString());
+			fail("Could not complete badSubmission Test");
+		}
+	}
+	
+	@Test
+	public void testOpenOnlyMobileCategories() 
+	{
+		if(!Setter.openOnlyMobileCategories(applicationRoot))
+			fail("Could not Open Only Mobile Categories");
+	}
+	
+	@Test
+	public void testOpenOnlyWebCategories() 
+	{
+		if(!Setter.openOnlyWebCategories(applicationRoot))
+			fail("Could not Open Only Web Categories");
+	}
+	
+
+	@Test
+	public void testResetBadSubmission() 
+	{
+		String moduleId = "853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5"; //CSRF7
+		String userName = new String("BadSubResetUser");
+		try
+		{
+			if(GetterTest.verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				if(!Setter.openAllModules(applicationRoot))
+				{
+					fail("Could not mark all modules as open");
+				}
+				else
+				{
+					//Simulate user Opening Level
+					if(Getter.getModuleAddress(applicationRoot, moduleId, userId).isEmpty())
+					{
+						fail("Could not Simulate Opening First Level for User");
+					} 
+					else
+					{
+						String markLevelCompleteTest = Setter.updatePlayerResult(applicationRoot, moduleId, userId, "Feedback is Disabled", 1, 1, 1);
+						if (markLevelCompleteTest != null)
+						{					
+							int scoreBefore = 0;
+							ScoreboardStatus.setScoreboeardOpen();
+							String scoreboardData = Getter.getJsonScore(applicationRoot, "");
+							if(scoreboardData.isEmpty())
+							{
+								fail("Could not detect user in scoreboard before bad submission test");
+							}
+							else
+							{
+								JSONArray scoreboardJson = (JSONArray)JSONValue.parse(scoreboardData);
+								//Loop through array to find Our user
+								for(int i = 0; i < scoreboardJson.size(); i++)
+								{
+									JSONObject scoreRowJson = (JSONObject)scoreboardJson.get(i);
+									if(scoreRowJson.get("username").toString().compareTo(userName) == 0)
+									{
+										log.debug("Found user with score: " + scoreRowJson.get("score"));
+										scoreBefore = Integer.parseInt(scoreRowJson.get("score").toString());
+										break;
+									}
+								}
+								if(scoreBefore == 0)
+								{
+									log.fatal("Could not find user " + userName + " with score > 0: " + scoreboardData);
+									fail("User has score of 0 before BadSubmission Emulation");
+								}
+								
+								//Resetting resetBadSubmission count back to 0
+								if(!Setter.resetBadSubmission(applicationRoot, userId))
+									fail("Could not Reset bad submission count");
+								//Simulating 40 bad submissions
+								for(int i = 0; i < 40; i++)
+								{
+									if(!Setter.incrementBadSubmission(applicationRoot, userId))
+										fail("Could not Increment Bad Submission Counter");
+								}
+								//Resetting Bad Submission Count back to 0 again
+								if(!Setter.resetBadSubmission(applicationRoot, userId))
+									fail("Could not Reset bad submission count");
+								//Incrementing one more time (Should set user bad submission counter to 1)
+								if(!Setter.incrementBadSubmission(applicationRoot, userId))
+									fail("Could not Increment Bad Submission Counter");
+								
+								//Check Score again
+								int scoreAfter = 0;
+								scoreboardData = Getter.getJsonScore(applicationRoot, "");
+								scoreboardJson = (JSONArray)JSONValue.parse(scoreboardData);
+								//Loop through array to find Our user
+								for(int i = 0; i < scoreboardJson.size(); i++)
+								{
+									log.debug("Looping through Array " + i);
+									JSONObject scoreRowJson = (JSONObject)scoreboardJson.get(i);
+									if(scoreRowJson.get("username").toString().compareTo(userName) == 0)
+									{
+										log.debug("Found user with score: " + scoreRowJson.get("score"));
+										scoreAfter = Integer.parseInt(scoreRowJson.get("score").toString());
+										break;
+									}
+								}
+								
+								if(scoreAfter != scoreBefore)//Checking exact number should be equal to and number below as well incase rounded d
+								{
+									log.debug("score before: " + scoreBefore);
+									log.debug("score after : " + scoreAfter);
+									fail("Invalid Score Deduction Detected");
+								}
+								else
+								{
+									return; //Pass
+								}
+							}
+						}
+						else
+						{
+							fail("Could not Mark First level as complete");
+						}
+					}
+				}
+			}
+			else
+			{
+				fail("Could not Create/Verify User");
+			}
+		}
+		catch (Exception e)
+		{
+			log.fatal("Could not complete badSubmission Test: " + e.toString());
+			fail("Could not complete badSubmission Test");
+		}
+	}
+
+	@Test
+	public void testSetCsrfChallengeFourCsrfToken() 
+	{
+		String userName = new String("csrfFourUser");
+		try
+		{
+			if(GetterTest.verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String csrfTokenValue = new String("CsrfTokenTest");
+				String csrfToken = Setter.setCsrfChallengeFourCsrfToken(userId, csrfTokenValue, applicationRoot);
+				if(csrfToken.compareTo(csrfTokenValue) != 0)
+					fail("Retrieved CSRF token did not Match the Set Value");
+			}
+			else
+			{
+				fail("Could not Verify User");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not complete setCsrfChallengeFourCsrfToken test: " + e.toString());
+			fail("Could not complete setCsrfChallengeFourCsrfToken test");
+		}
+	}
+	
+	@Test
+	public void testSetCsrfChallengeSevenCsrfToken() 
+	{
+		String userName = new String("csrfSevenUser");
+		try
+		{
+			if(GetterTest.verifyTestUser(applicationRoot, userName, userName))
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String csrfToken = new String("CsrfTokenTest");
+				if(!Setter.setCsrfChallengeSevenCsrfToken(userId, csrfToken, applicationRoot))
+					fail("Could not Set CSRF Chalenge 7 Token");
+			}
+			else
+			{
+				fail("Could not Verify User");
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not complete setCsrfChallengeSevenCsrfToken test: " + e.toString());
+			fail("Could not complete setCsrfChallengeSevenCsrfToken test");
+		}
+	}
+	
+	@Test
+	public void testSetModuleCategoryStatusOpen()
+	{
+		String moduleCategory = new String("Injection");
+		if(!Setter.closeAllModules(applicationRoot))
+			fail("Could not Mark all modules as closed");
+		else if (!Setter.setModuleCategoryStatusOpen(applicationRoot, moduleCategory, "open"))
+			fail("Could not Open module Category");
+		else
+		{
+			Connection conn = Database.getCoreConnection(applicationRoot);
+			try
+			{
+				log.debug("Getting Number of Mobile Levels From DB");
+				PreparedStatement prepStatement = conn.prepareStatement("SELECT DISTINCT moduleCategory FROM modules WHERE moduleStatus = 'open';");
+				ResultSet rs = prepStatement.executeQuery();
+				while(rs.next())
+				{
+					if(rs.getString(1).compareTo(moduleCategory) != 0)
+					{
+						log.debug("Found Category that wa snot injection: " + rs.getString(1));
+						fail("Detected Category that was not Injection Open");
+					}
+				}
+			}
+			catch(SQLException e)
+			{
+				log.fatal("Could not Query DB: " + e.toString());
+				fail("Could not Query DB for Module Status");
+			}
+		}
+	}
+	
+	@Test
+	public void testSetModuleCategoryStatusClosed()
+	{
+		String moduleCategory = new String("Injection");
+		if(!Setter.openAllModules(applicationRoot))
+			fail("Could not Mark all modules as open");
+		else if (!Setter.setModuleCategoryStatusOpen(applicationRoot, moduleCategory, "closed"))
+			fail("Could not close module Category");
+		else
+		{
+			Connection conn = Database.getCoreConnection(applicationRoot);
+			try
+			{
+				log.debug("Getting Number of Mobile Levels From DB");
+				PreparedStatement prepStatement = conn.prepareStatement("SELECT DISTINCT moduleCategory FROM modules WHERE moduleStatus = 'closed';");
+				ResultSet rs = prepStatement.executeQuery();
+				while(rs.next())
+				{
+					if(rs.getString(1).compareTo(moduleCategory) != 0)
+					{
+						log.debug("Found Category that wa snot injection: " + rs.getString(1));
+						fail("Detected Category that was not Injection Closed");
+					}
+				}
+			}
+			catch(SQLException e)
+			{
+				log.fatal("Could not Query DB: " + e.toString());
+				fail("Could not Query DB for Module Status");
+			}
+		}
+	}
+	
+	@Test
+	public void testSetModuleStatusClosed()
+	{
+		String moduleId = new String("853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5"); //CSRF 7
+		if(!Setter.openAllModules(applicationRoot))
+			fail("Could not Mark all modules as open");
+		else if (!Setter.setModuleStatusClosed(applicationRoot, moduleId))
+			fail("Could not close CSRF 7 Module");
+		else
+		{
+			Connection conn = Database.getCoreConnection(applicationRoot);
+			try
+			{
+				log.debug("Getting Number of Mobile Levels From DB");
+				PreparedStatement prepStatement = conn.prepareStatement("SELECT moduleStatus FROM modules WHERE moduleId = ?");
+				prepStatement.setString(1, moduleId);
+				ResultSet rs = prepStatement.executeQuery();
+				if(rs.next())
+				{
+					if(rs.getString(1).compareTo("closed") != 0)
+					{
+						log.debug("Module was not closed by method");
+						fail("Module was not closed by method");
+					}
+				}
+			}
+			catch(SQLException e)
+			{
+				log.fatal("Could not Query DB: " + e.toString());
+				fail("Could not Query DB for Module Status");
+			}
+		}
+	}
+	
+	@Test
+	public void testSetModuleStatusOpen()
+	{
+		String moduleId = new String("853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5"); //CSRF 7
+		if(!Setter.closeAllModules(applicationRoot))
+			fail("Could not Mark all modules as closed");
+		else if (!Setter.setModuleStatusOpen(applicationRoot, moduleId))
+			fail("Could not close CSRF 7 Module");
+		else
+		{
+			Connection conn = Database.getCoreConnection(applicationRoot);
+			try
+			{
+				log.debug("Getting Number of Mobile Levels From DB");
+				PreparedStatement prepStatement = conn.prepareStatement("SELECT moduleStatus FROM modules WHERE moduleId = ?");
+				prepStatement.setString(1, moduleId);
+				ResultSet rs = prepStatement.executeQuery();
+				if(rs.next())
+				{
+					if(rs.getString(1).compareTo("open") != 0)
+					{
+						log.debug("Module was not opened by method");
+						fail("Module was not opened by method");
+					}
+				}
+			}
+			catch(SQLException e)
+			{
+				log.fatal("Could not Query DB: " + e.toString());
+				fail("Could not Query DB for Module Status");
+			}
+		}
+	}
+	
+	@Test
+	public void testSetStoredMessage() 
+	{
+		log.debug("Testing Set Stored message");
+		String userName = new String("storedMessageUser");
+		String className = new String("sMessageClass");
+		String moduleId = new String("853c98bd070fe0d31f1ec8b4f2ada9d7fd1784c5"); //CSRF 7
+		String message = new String("TestStoredMessage");
+		try
+		{
+			log.debug("Getting class id");
+			String classId = GetterTest.findCreateClassId(className, applicationRoot);
+			log.debug("Checking User Name in DB");
+			if(GetterTest.verifyTestUser(applicationRoot, userName, userName, classId))
+			{
+				//Open all Modules First so that the Module Can Be Opened
+				if(!Setter.openAllModules(applicationRoot))
+				{
+					fail("Could not open all modules");
+				}
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				//Simulate user Opening Level
+				if(Getter.getModuleAddress(applicationRoot, moduleId, userId).isEmpty())
+				{
+					fail("Could not Simulate Opening First Level for User");
+				} 
+				else
+				{
+					Setter.setStoredMessage(applicationRoot, message, userId, moduleId);
+					Connection conn = Database.getCoreConnection(applicationRoot);
+					try
+					{
+						CallableStatement callstmt = conn.prepareCall("call resultMessageByClass(?, ?)");
+						log.debug("Gathering resultMessageByClass ResultSet");
+						callstmt.setString(1, classId);
+						callstmt.setString(2, moduleId);
+						ResultSet resultSet = callstmt.executeQuery();
+						log.debug("resultMessageByClass executed");
+						while(resultSet.next())
+						{
+							if(resultSet.getString(1).compareTo(userName) == 0)
+							{
+								if(resultSet.getString(2).compareTo(message) != 0)
+									fail("Stored Message does not equal the one set");
+								else
+									return; //Pass
+							}
+						}
+						fail("Could not find user stored message");
+					}
+					catch(SQLException e)
+					{
+						log.fatal("Could not Query DB: " + e.toString());
+						fail("Could not Query DB For Stored Message");
+					}
+				}
+			}
+			else
+			{
+				fail("Could not verify test User");
+			}
+		}
+		catch(Exception e)
+		{
+			String error = "Could not complete testSetStoredMessage";
+			log.fatal(error + ": " + e.toString());
+			fail(error);
+		}
+	}
+
+	@Test
+	public void testSuspendUser() 
+	{
+		String userName = new String("suspendedUser");
+		try
+		{
+			log.debug("Checking User Name in DB");
+			boolean loggedIn = false;
+			try
+			{
+				log.debug("Trying to Verify User");
+				loggedIn = GetterTest.verifyTestUser(applicationRoot, userName, userName);
+			}
+			catch(Exception e)
+			{
+				log.debug("Could not verify. May be suspended. Unsuspending");
+				//Might need to unsuspend player
+				Setter.unSuspendUser(applicationRoot, Getter.getUserIdFromName(applicationRoot, userName));
+				//Gotta Sleep for a sec otherwise the time setting for suspension will fail test. Must be 1 sec after unsuspend function ran
+				Thread.sleep(1000);
+				loggedIn = GetterTest.verifyTestUser(applicationRoot, userName, userName);
+			}
+			if(!loggedIn)
+			{
+				fail("Could not Verify User");
+			}
+			else
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				if(!Setter.suspendUser(applicationRoot, userId, 10))
+				{
+					fail("Could not suspend User");
+				}
+				else
+				{
+					String user[] = Getter.authUser(applicationRoot, userName, userName);
+					if(user == null || user[0].isEmpty())
+					{
+						return;// PASS: User Could not Authenticate after suspension
+					}
+					else
+					{
+						fail("Could still authenticate as user after suspension");
+					}
+				}
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not complete testSuspendUser: " + e.toString());
+			fail("Could not complete testSuspendUser");
+		}
+	}
+	
+	@Test
+	public void testUnSuspendUser() 
+	{
+		String userName = new String("UnsuspendedUser");
+		try
+		{
+			log.debug("Checking User Name in DB");
+			if(!GetterTest.verifyTestUser(applicationRoot, userName, userName))
+			{
+				fail("Could not Verify User");
+			}
+			else
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				if(!Setter.suspendUser(applicationRoot, userId, 10))
+				{
+					fail("Could not suspend User");
+				}
+				else
+				{
+					if(!Setter.unSuspendUser(applicationRoot, userId))
+					{
+						fail("Could not unsusepend user");
+					}
+					else
+					{
+						//Gotta Sleep for a sec, otherwise the time compair will round down and user auth will fail. User is unsuspended 1 second after unsuspend funciton
+						Thread.sleep(1000);
+						String user[] = Getter.authUser(applicationRoot, userName, userName);
+						if(user == null || user[0].isEmpty())
+						{
+							fail("Could not Authenticate after unsuspension");
+						}
+						else
+						{
+							return;// PASS: User Could not Authenticate after unsuspension
+						}
+					}
+				}
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not complete testUnSuspendUser: " + e.toString());
+			fail("Could not complete testUnSuspendUser");
+		}
+	}
+	
+	@Test
+	public void testUpdatePassword() 
+	{
+		log.debug("Testing update Password");
+		String userName = new String("updatePassword");
+		String currentPass = new String();
+		String newPass = new String();
+		boolean loggedIn = false;
+		try
+		{
+			try
+			{
+				currentPass = userName;
+				newPass = userName+userName;
+				log.debug("Logging in with default Pass");
+				loggedIn = GetterTest.verifyTestUser(applicationRoot, userName, currentPass);
+			}
+			catch(Exception e)
+			{
+				newPass = userName;
+				currentPass = userName+userName;
+				log.debug("Could not log in with default pass: " + e.toString());
+				log.debug("Logging in with alternative pass: " + currentPass);
+				String[] auth = Getter.authUser(applicationRoot, userName, currentPass);
+				loggedIn = auth != null;
+			}
+			if(!loggedIn)
+			{
+				log.debug("Could not sign in with any pass.");
+				fail("Could not Verify User");
+			}
+			else
+			{
+				log.debug("Logged in! Updating Password now");
+				if(!Setter.updatePassword(applicationRoot, userName, currentPass, newPass))
+				{
+					log.debug("Could not update password");
+					fail("Could not update password");
+				}
+				else
+				{
+					log.debug("Password Updated. Authenticating with new pass: " + newPass);
+					String[] auth = Getter.authUser(applicationRoot, userName, newPass);
+					if(auth == null)
+					{
+						fail("Could Not Auth With New Pass");
+					}
+					else
+					{
+						return; //PASS: Authenticated With New Pass
+					}
+				}
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not complete testUpdatePassword: " + e.toString());
+			fail("Could not complete testUpdatePassword");
+		}
+	}
+
+	@Test
+	public void testUpdatePasswordAdmin() 
+	{
+		log.debug("Testing update Password");
+		String userName = new String("adminPassUp");
+		String currentPass = new String();
+		String newPass = new String();
+		boolean loggedIn = false;
+		try
+		{
+			try
+			{
+				currentPass = userName;
+				newPass = userName+userName;
+				log.debug("Logging in with default Pass");
+				loggedIn = GetterTest.verifyTestUser(applicationRoot, userName, currentPass);
+			}
+			catch(Exception e)
+			{
+				newPass = userName;
+				currentPass = userName+userName;
+				log.debug("Could not log in with default pass: " + e.toString());
+				log.debug("Logging in with alternative pass: " + currentPass);
+				String[] auth = Getter.authUser(applicationRoot, userName, currentPass);
+				loggedIn = auth != null;
+			}
+			if(!loggedIn)
+			{
+				log.debug("Could not sign in with any pass.");
+				fail("Could not Verify User");
+			}
+			else
+			{
+				log.debug("Logged in! Updating Password now");
+				if(!Setter.updatePasswordAdmin(applicationRoot, Getter.getUserIdFromName(applicationRoot, userName), newPass))
+				{
+					log.debug("Could not update password");
+					fail("Could not update password");
+				}
+				else
+				{
+					log.debug("Password Updated. Authenticating with new pass: " + newPass);
+					String[] auth = Getter.authUser(applicationRoot, userName, newPass);
+					if(auth == null)
+					{
+						fail("Could Not Auth With New Pass");
+					}
+					else
+					{
+						return; //PASS: Authenticated With New Pass
+					}
+				}
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not complete testUpdatePasswordAdmin: " + e.toString());
+			fail("Could not complete testUpdatePasswordAdmin");
+		}
+	}
+
+	@Test
+	public void testUpdatePlayerClass() 
+	{
+		String userName = new String("UpdateClassUser");
+		String className = new String("Old Class");
+		String otherClassName = new String("Other Class");
+		String classId = new String();
+		String otherClassId = new String();
+		String newClass = new String();
+		try
+		{
+			log.debug("Getting class ids");
+			classId = GetterTest.findCreateClassId(className, applicationRoot);
+			otherClassId = GetterTest.findCreateClassId(otherClassName, applicationRoot);
+			log.debug("Verifying User");
+			if(!GetterTest.verifyTestUser(applicationRoot, userName, userName, classId))
+			{
+				fail("Could not verify user");
+			}
+			else
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String currentClass = Getter.getUserClassFromName(applicationRoot, userName);
+				newClass = otherClassId;
+
+				log.debug("Current Class: " + currentClass);
+				log.debug("New Class: " + newClass);
+				if(!Setter.updatePlayerClass(applicationRoot, newClass, userId).equalsIgnoreCase(userName))
+				{
+					fail("Could not update player class");
+				}
+				else
+				{
+					String latestClass = Getter.getUserClassFromName(applicationRoot, userName);
+					if(latestClass.compareTo(newClass) != 0)
+					{
+						log.debug("Latest Class: " + latestClass);
+						log.debug("New Class: " + newClass);
+						fail("Retrieved Class is not the Set Class");
+					}
+					else
+					{
+						return; // PASS
+					}
+				}
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not complete testUpdatePlayerClass: " + e.toString());
+			fail("Could not complete testUpdatePlayerClass");
+		}
+	}
+
+	@Test
+	public void testUpdatePlayerClassToNull()
+	{
+		String userName = new String("UpdateClassUserFromNull");
+		String className = new String("WutClass");
+		String classId = new String();
+		try
+		{
+			log.debug("Getting class ids");
+			classId = GetterTest.findCreateClassId(className, applicationRoot);
+			if(!GetterTest.verifyTestUser(applicationRoot, userName, userName, classId))
+			{
+				fail("Could not verify user");
+			}
+			else
+			{
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				String currentClass = Getter.getUserClassFromName(applicationRoot, userName);
+				log.debug("Current Class: " + currentClass);
+				if(!Setter.updatePlayerClassToNull(applicationRoot, userId).equalsIgnoreCase(userName))
+				{
+					fail("Could not update player class to null");
+				}
+				else
+				{
+					String latestClass = Getter.getUserClassFromName(applicationRoot, userName);
+					if(latestClass == null || latestClass.isEmpty())
+					{
+						return;// PASS
+					}
+					else
+					{
+						log.debug("Latest Class: " + latestClass);
+						fail("Retrieved Class is not null");
+					}
+				}
+			}
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not complete testUpdatePlayerClass: " + e.toString());
+			fail("Could not complete testUpdatePlayerClass");
+		}
+	}
+
+	@Test
+	public void testUpdateUserRole() 
+	{
+		String userName = new String("WasUserNowAdmin");
+		String currentRole = new String();
+		String newRole = new String();
+		try
+		{
+			if(GetterTest.verifyTestUser(applicationRoot, userName, userName))
+			{
+				Connection conn = Database.getCoreConnection(applicationRoot);
+				PreparedStatement ps = conn.prepareStatement("SELECT userRole FROM users WHERE userName = ?");
+				ps.setString(1, userName);
+				ResultSet rs = ps.executeQuery();
+				if(rs.next())
+				{
+					currentRole = rs.getString(1);
+					if(currentRole.equalsIgnoreCase("admin"))
+					{
+						log.debug("User is currently an admin. Changing to player");
+						newRole = new String("player");
+					}
+					else
+					{
+						log.debug("User is currently a player. Changing to admin");
+						newRole = new String("admin");
+					}
+				}
+				else
+				{
+					fail("User not found in DB after it was created");
+				}
+				rs.close();
+				conn.close();
+				String userId = Getter.getUserIdFromName(applicationRoot, userName);
+				if(!Setter.updateUserRole(applicationRoot, userId, newRole).equalsIgnoreCase(userName))
+				{
+					fail("Could not update user role from " + currentRole + " to " + newRole);
+				}
+				else
+				{
+					log.debug("Checking if change occurred");
+					conn = Database.getCoreConnection(applicationRoot);
+					ps = conn.prepareStatement("SELECT userRole FROM users WHERE userName = ?");
+					ps.setString(1, userName);
+					rs = ps.executeQuery();
+					if(rs.next())
+					{
+						if(!newRole.equalsIgnoreCase(rs.getString(1)))
+						{
+							fail("User Role was not updated in DB");
+						}
+						else
+						{
+							//Pass
+						}
+					}
+					else
+					{
+						fail("Could not find user after creating and updating");
+					}
+					rs.close();
+					conn.close();
+				}
+			}
+			else
+			{
+				fail("Could not Create User");
+			}
+			
+		}
+		catch(SQLException e)
+		{
+			log.fatal("DB Error: " + e.toString());
+			fail("Could not Complete testUpdateUserRole because DB Error");
+		}
+		catch(Exception e)
+		{
+			log.fatal("Could not Verify User: " + e.toString());
+			fail("Could not Complete testUpdateUserRole");
+		}
+	}
+}