working on the dashboard, added some pie charts

app/views/layouts/dashboard/_dashboard_stats.html.erb

@@ -0,0 +1,54 @@
+<div class="widget">
+    <div class="widget-header">
+      <div class="title">
+        <span class="fs1" aria-hidden="true" data-icon="&#xe0a0;"></span> Current Statistics <span class="mini-title">Animated Pie Charts</span>
+      </div>
+    </div>
+    <div class="widget-body">
+      <div class="easy-pie-charts-container">
+        <div class="pie-chart">
+          <div class="chart1" data-percent="65">
+            10
+          </div>
+          <h5 class="name">
+            Available PTO
+          </h5>
+        </div>
+        <div class="pie-chart">
+          <div class="chart2" data-percent="47">
+            1
+          </div>
+          <h5 class="name">
+            Sick Days Taken
+          </h5>
+        </div>
+        <div class="pie-chart">
+          <div class="chart3" data-percent="87">
+            $5920
+          </div>
+          <h5 class="name">
+            Income
+          </h5>
+        </div>
+        <div class="pie-chart">
+          <div class="chart4" data-percent="22">
+            5.0
+          </div>
+          <h5 class="name">
+            Performance Score
+          </h5>
+        </div>
+        <div class="pie-chart">
+          <div class="chart5" data-percent="91">
+            71
+          </div>
+          <h5 class="name">
+            401k
+          </h5>
+        </div>
+        <div class="clearfix">
+        </div>
+      </div>
+    </div>
+  </div>
+

app/views/layouts/tutorial/xss/_xss_first.html.erb

@@ -31,13 +31,23 @@
           <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
             <div class="accordion-inner">
               <p><b>Stored Cross-Site Scripting - The following code was taken from app/views/layouts/shared/_header.html.erb</b></p>
-			  <font face="Courier New" style="color: rgb(69, 126, 136)"> 
+			 
 				 <p>
   					<pre class="ruby">
 					  <%= @code %>
 	 				</pre>
                   </p>
-		      </font>
+ 				  <p class="desc">
+					Coincidentally, HTML safe is not safe from HTML Injection or "XSS" attacks. The name is deceiving. Some folks believe the raw() helper to be different than the html_safe String method. raw() is actually a wrapper for html_safe and essentially ensures exceptions are handled when the expected value is nil. 
+					<pre class="ruby">
+						# Psuedo-code to help conceptualize
+						def raw(dirty_string)
+						  dirty_string.to_s.html_safe
+						end
+					</pre>
+					
+				  </p>
+		    
             </div>
           </div>
         </div>