diff --git a/Gemfile b/Gemfile
index 131581f..219755b 100755
--- a/Gemfile
+++ b/Gemfile
@@ -1,6 +1,8 @@
 source 'https://rubygems.org'
 
-gem 'rails', '3.2.15'
+#don't upgrade
+gem 'rails', '3.2.11'
+gem 'rack', '1.4.3'
 
 # Bundle edge Rails instead:
 # gem 'rails', :git => 'git://github.com/rails/rails.git'
diff --git a/Gemfile.lock b/Gemfile.lock
index aed7bd1..4c937ea 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,32 +1,32 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (3.2.15)
-      actionpack (= 3.2.15)
-      mail (~> 2.5.4)
-    actionpack (3.2.15)
-      activemodel (= 3.2.15)
-      activesupport (= 3.2.15)
+    actionmailer (3.2.11)
+      actionpack (= 3.2.11)
+      mail (~> 2.4.4)
+    actionpack (3.2.11)
+      activemodel (= 3.2.11)
+      activesupport (= 3.2.11)
       builder (~> 3.0.0)
       erubis (~> 2.7.0)
       journey (~> 1.0.4)
-      rack (~> 1.4.5)
+      rack (~> 1.4.0)
       rack-cache (~> 1.2)
       rack-test (~> 0.6.1)
       sprockets (~> 2.2.1)
-    activemodel (3.2.15)
-      activesupport (= 3.2.15)
+    activemodel (3.2.11)
+      activesupport (= 3.2.11)
       builder (~> 3.0.0)
-    activerecord (3.2.15)
-      activemodel (= 3.2.15)
-      activesupport (= 3.2.15)
+    activerecord (3.2.11)
+      activemodel (= 3.2.11)
+      activesupport (= 3.2.11)
       arel (~> 3.0.2)
       tzinfo (~> 0.3.29)
-    activeresource (3.2.15)
-      activemodel (= 3.2.15)
-      activesupport (= 3.2.15)
-    activesupport (3.2.15)
-      i18n (~> 0.6, >= 0.6.4)
+    activeresource (3.2.11)
+      activemodel (= 3.2.11)
+      activesupport (= 3.2.11)
+    activesupport (3.2.11)
+      i18n (~> 0.6)
       multi_json (~> 1.0)
     addressable (2.3.5)
     arel (3.0.2)
@@ -52,7 +52,7 @@ GEM
       slim (>= 1.3.6, < 3.0)
       terminal-table (~> 1.4)
     builder (3.0.4)
-    bundler-audit (0.2.0)
+    bundler-audit (0.3.0)
       bundler (~> 1.2)
     capybara (2.1.0)
       mime-types (>= 1.16)
@@ -73,15 +73,15 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.6.3)
-    cucumber (1.3.8)
+    cucumber (1.3.9)
       builder (>= 2.1.2)
       diff-lcs (>= 1.1.3)
-      gherkin (~> 2.12.1)
+      gherkin (~> 2.12)
       multi_json (>= 1.7.5, < 2.0)
       multi_test (>= 0.0.2)
     database_cleaner (1.0.1)
     debug_inspector (0.0.2)
-    diff-lcs (1.2.4)
+    diff-lcs (1.2.5)
     docile (1.1.0)
     dotenv (0.9.0)
     em-websocket (0.5.0)
@@ -91,10 +91,11 @@ GEM
     eventmachine (1.0.3)
     execjs (2.0.2)
     fastercsv (1.5.5)
-    ffi (1.9.0)
+    ffi (1.9.3)
     foreman (0.63.0)
       dotenv (>= 0.7)
       thor (>= 0.13.6)
+    formatador (0.2.4)
     gauntlt (1.0.6)
       aruba
       cucumber
@@ -102,22 +103,25 @@ GEM
       trollop
     gherkin (2.12.2)
       multi_json (~> 1.3)
-    guard (1.4.0)
-      listen (>= 0.4.2)
-      thor (>= 0.14.6)
+    guard (2.2.3)
+      formatador (>= 0.2.4)
+      listen (~> 2.1)
+      lumberjack (~> 1.0)
+      pry (>= 0.9.12)
+      thor (>= 0.18.1)
     guard-brakeman (0.8.1)
       brakeman (>= 2.1.1)
       guard (>= 1.1.0)
-    guard-livereload (1.0.3)
-      em-websocket (>= 0.2.0)
-      guard (>= 1.1.0)
-      multi_json (~> 1.0)
-    guard-rspec (2.5.4)
-      guard (>= 1.1)
-      rspec (~> 2.11)
+    guard-livereload (2.0.0)
+      em-websocket (~> 0.5)
+      guard (~> 2.0)
+      multi_json (~> 1.8)
+    guard-rspec (4.0.4)
+      guard (>= 2.1.1)
+      rspec (~> 2.14)
     guard-shell (0.5.1)
       guard (>= 1.1.0)
-    haml (4.0.3)
+    haml (4.0.4)
       tilt
     hashr (0.0.22)
     highline (1.6.20)
@@ -133,15 +137,17 @@ GEM
       thor (>= 0.14, < 2.0)
     json (1.8.1)
     kgio (2.8.1)
-    launchy (2.3.0)
+    launchy (2.4.0)
       addressable (~> 2.3)
     libv8 (3.16.14.3)
-    listen (2.1.2)
+    listen (2.2.0)
       celluloid (>= 0.15.2)
       rb-fsevent (>= 0.9.3)
       rb-inotify (>= 0.9)
     lockfile (2.1.0)
-    mail (2.5.4)
+    lumberjack (1.0.4)
+    mail (2.4.4)
+      i18n (>= 0.4.0)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
     method_source (0.8.2)
@@ -157,12 +163,11 @@ GEM
     polyglot (0.3.3)
     powder (0.2.0)
       thor (>= 0.11.5)
-    pry (0.9.6)
-      coderay (>= 0.9.8)
-      method_source (>= 0.6.5)
-      ruby_parser (>= 2.0.5)
-      slop (~> 2.1.0)
-    rack (1.4.5)
+    pry (0.9.12.3)
+      coderay (~> 1.0)
+      method_source (~> 0.8)
+      slop (~> 3.4)
+    rack (1.4.3)
     rack-cache (1.2)
       rack (>= 0.4)
     rack-livereload (0.3.15)
@@ -171,17 +176,17 @@ GEM
       rack
     rack-test (0.6.2)
       rack (>= 1.0)
-    rails (3.2.15)
-      actionmailer (= 3.2.15)
-      actionpack (= 3.2.15)
-      activerecord (= 3.2.15)
-      activeresource (= 3.2.15)
-      activesupport (= 3.2.15)
+    rails (3.2.11)
+      actionmailer (= 3.2.11)
+      actionpack (= 3.2.11)
+      activerecord (= 3.2.11)
+      activeresource (= 3.2.11)
+      activesupport (= 3.2.11)
       bundler (~> 1.0)
-      railties (= 3.2.15)
-    railties (3.2.15)
-      actionpack (= 3.2.15)
-      activesupport (= 3.2.15)
+      railties (= 3.2.11)
+    railties (3.2.11)
+      actionpack (= 3.2.11)
+      activesupport (= 3.2.11)
       rack-ssl (~> 1.3.2)
       rake (>= 0.8.7)
       rdoc (~> 3.4)
@@ -198,8 +203,8 @@ GEM
       rspec-core (~> 2.14.0)
       rspec-expectations (~> 2.14.0)
       rspec-mocks (~> 2.14.0)
-    rspec-core (2.14.6)
-    rspec-expectations (2.14.3)
+    rspec-core (2.14.7)
+    rspec-expectations (2.14.4)
       diff-lcs (>= 1.1.3, < 2.0)
     rspec-mocks (2.14.4)
     rspec-rails (2.14.0)
@@ -229,7 +234,7 @@ GEM
     slim (2.0.2)
       temple (~> 0.6.6)
       tilt (>= 1.3.3, < 2.1)
-    slop (2.1.0)
+    slop (3.4.6)
     sprockets (2.2.2)
       hike (~> 1.2)
       multi_json (~> 1.0)
@@ -251,10 +256,10 @@ GEM
       polyglot (>= 0.3.1)
     trollop (2.0)
     tzinfo (0.3.38)
-    uglifier (2.3.0)
+    uglifier (2.3.1)
       execjs (>= 0.3.0)
       json (>= 1.8.0)
-    unicorn (4.6.3)
+    unicorn (4.7.0)
       kgio (~> 2.6)
       rack
       raindrops (~> 0.7)
@@ -288,8 +293,9 @@ DEPENDENCIES
   poltergeist
   powder
   pry
+  rack (= 1.4.3)
   rack-livereload
-  rails (= 3.2.15)
+  rails (= 3.2.11)
   rb-fsevent
   rspec-rails
   sass-rails
diff --git a/app/controllers/tutorials_controller.rb b/app/controllers/tutorials_controller.rb
index f88edba..fb4d61d 100755
--- a/app/controllers/tutorials_controller.rb
+++ b/app/controllers/tutorials_controller.rb
@@ -15,7 +15,6 @@ class TutorialsController < ApplicationController
   end
   
   def injection
-  
   end
   
   def xss
@@ -62,6 +61,9 @@ class TutorialsController < ApplicationController
   
   def misconfig
   end
+
+  def insecure_components
+  end
   
   def crypto
   end
diff --git a/app/views/layouts/tutorial/_sidebar.html.erb b/app/views/layouts/tutorial/_sidebar.html.erb
index 241339c..10e885f 100755
--- a/app/views/layouts/tutorial/_sidebar.html.erb
+++ b/app/views/layouts/tutorial/_sidebar.html.erb
@@ -74,7 +74,7 @@
       <% end %>
     </li>
     <li id="ssl_tls">
-      <%= link_to ssl_tls_tutorials_path do %>
+      <%= link_to insecure_components_tutorials_path do %>
         <div class="icon">
           <span class="fs1" aria-hidden="true" data-icon="&#xe094;"></span>
         </div>
diff --git a/app/views/layouts/tutorial/exposure/_ssn.html.erb b/app/views/layouts/tutorial/exposure/_ssn.html.erb
index 1718b97..0890a3e 100644
--- a/app/views/layouts/tutorial/exposure/_ssn.html.erb
+++ b/app/views/layouts/tutorial/exposure/_ssn.html.erb
@@ -17,7 +17,7 @@
           <div class="accordion-body in collapse" id="collapseSSNOne" style="height: auto;">
             <div class="accordion-inner">
 			  <p class="desc">
-              	The Railsgoat application stores Social Security Numbers in plain-text and because of this, it fails to adequately protect these numbers from theft.
+              	The Railsgoat application stores and transmits Social Security Numbers insecurely.
  			  </p>
             </div>
           </div>
@@ -32,8 +32,11 @@
           </div>
           <div class="accordion-body collapse" id="collapseSSNTwo" style="height: 0px;">
             <div class="accordion-inner">
-	          <p class="desc">
-              The WorkInfo model (app/models/work_info.rb) is where the code to encrypt this data should be. However, as seen, is missing any routine to do so.
+	            <p class="desc">
+		 				The Railsgoat application stores user's Social Security Numbers in plain-text within the database and because of this, it fails to adequately protect these numbers from theft. Additionally, the user's full SSN is sent back to the user within an HTTP response from the application.
+				</p>
+			  <p class="desc">
+              The WorkInfo model (app/models/work_info.rb) is missing code to encrypt this data prior to storage. Additionally, while code exists to render only the last 4 numbers of an SSN, at no time is it used.
  			  </p>
  			  <pre class="ruby">
 				class WorkInfo < ActiveRecord::Base
diff --git a/app/views/layouts/tutorial/insecure_components/_insecure_components_first.html.erb b/app/views/layouts/tutorial/insecure_components/_insecure_components_first.html.erb
new file mode 100644
index 0000000..b5192d5
--- /dev/null
+++ b/app/views/layouts/tutorial/insecure_components/_insecure_components_first.html.erb
@@ -0,0 +1,81 @@
+<div class="widget">
+    <div class="widget-header">
+      <div class="title">
+        <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A9 - Using Components with Known Vulnerabilities
+      </div>
+    </div>
+    <div class="widget-body">
+      <div id="accordion1" class="accordion no-margin">
+        <div class="accordion-group">
+          <div class="accordion-heading">
+            <a href="#collapseOne" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+              <i class="icon-info icon-white">
+              </i>
+              Description
+            </a>
+          </div>
+          <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
+            <div class="accordion-inner">
+              <p class="desc">
+              Virtually every application has these issues because most development teams don’t focus on ensuring their components/libraries are up to date. In many cases, the developers don’t even know all the components they are using, never mind their versions. Component dependencies make things even worse.
+	 		        </p>
+            </div>
+          </div>
+        </div>
+        <div class="accordion-group">
+          <div class="accordion-heading">
+            <a href="#collapseTwo" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+              <i class="icon-bug icon-white">
+              </i>
+              Bug
+            </a>
+          </div>
+          <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
+            <div class="accordion-inner">
+              <p class="desc">
+				Within the Gemfile the following gem versions are set. These versions of Rails and Rack are both vulnerable to multiple attacks.
+	 		  </p>
+	 		  <pre class="ruby">
+				<%= %q{
+          gem 'rails', '3.2.11'
+          gem 'rack', '1.4.3'
+				} %>
+			  </pre>
+			  <p class="desc">
+			  </p>	
+            </div>
+          </div>
+        </div>
+        <div class="accordion-group">
+          <div class="accordion-heading">
+            <a href="#collapseThree" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+              <i class="icon-lightning icon-white">
+              </i>
+              Solution
+            </a>
+          </div>
+          <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
+            <div class="accordion-inner">
+			  <p class="desc">
+				    To fix this issue, simply update your gems after unpinning the gem versions. You should always run the most up to date version possible and run Bundler-Audit Regularly.
+	          </p>
+            </div>
+          </div>
+        </div>
+      	<div class="accordion-group">
+          <div class="accordion-heading">
+            <a  style="background-color: rgb(181, 121, 158)" href="#collapseFour" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+              <i class="icon-aid icon-white">
+              </i>
+              Hint
+            </a>
+          </div>
+          <div class="accordion-body collapse" id="collapseFour" style="height: 0px;">
+            <div class="accordion-inner">
+                Remeber to keep your gems up to date!
+            </div>
+          </div>
+        </div>
+	</div>
+    </div>
+  </div>
\ No newline at end of file
diff --git a/app/views/layouts/tutorial/misconfig/_misconfig_first.html.erb b/app/views/layouts/tutorial/misconfig/_misconfig_first.html.erb
index 4c2bdc6..076fab2 100755
--- a/app/views/layouts/tutorial/misconfig/_misconfig_first.html.erb
+++ b/app/views/layouts/tutorial/misconfig/_misconfig_first.html.erb
@@ -16,7 +16,7 @@
           </div>
           <div class="accordion-body in collapse" id="collapseOne" style="height: auto;">
             <div class="accordion-inner">
-              Under progress...
+              Security misconfiguration can happen at any level of an application stack, including the platform, web server, application server, database, framework, and custom code. Developers and system administrators need to work together to ensure that the entire stack is configured properly. Automated scanners are useful for detecting missing patches, misconfigurations, use of default accounts, unnecessary services, etc.
             </div>
           </div>
         </div>
@@ -30,7 +30,15 @@
           </div>
           <div class="accordion-body collapse" id="collapseTwo" style="height: 0px;">
             <div class="accordion-inner">
-              Under progress...
+              <p>Rails has quite a few security related configurations. One of which relates to enforcing mass assignment protection.<p>
+               <p>
+            <pre class="ruby">
+            <%= %q{
+              config.active_record.whitelist_attributes=false
+            } %>
+         </pre>
+         </p>
+            <p>This configuration forces an application developer to whitelist attributes that can be modified with mass-assignment. When this configuration is set to false <b>any attribute can be mass-assigned.</b></p>
             </div>
           </div>
         </div>
@@ -44,7 +52,14 @@
           </div>
           <div class="accordion-body collapse" id="collapseThree" style="height: 0px;">
             <div class="accordion-inner">
-             Under progress...
+             The solution for this issue is quite simple. In your application.rb file set the configuration as follows. 
+            <pre class="ruby">
+            <%= %q{
+              config.active_record.whitelist_attributes=true
+            } %>
+            </pre>
+            Once this configuration is updated to true and the application is restarted, any attributes to be mass-assigned will have to be defined as attr_accessible.
+         </p>
             </div>
           </div>
         </div>
@@ -58,7 +73,7 @@
           </div>
           <div class="accordion-body collapse" id="collapseFour" style="height: 0px;">
             <div class="accordion-inner">
-             Under progress...
+             It has to do with mass-assignment, whitelisting and configuration. 
             </div>
           </div>
         </div>
diff --git a/app/views/layouts/tutorial/misconfig/_misconfig_second.html.erb b/app/views/layouts/tutorial/misconfig/_misconfig_second.html.erb
new file mode 100644
index 0000000..db874d7
--- /dev/null
+++ b/app/views/layouts/tutorial/misconfig/_misconfig_second.html.erb
@@ -0,0 +1,80 @@
+<div class="widget">
+    <div class="widget-header">
+      <div class="title">
+        <span class="fs1" aria-hidden="true" data-icon="&#xe092;"></span> A6 - Security Misconfiguration
+      </div>
+    </div>
+    <div class="widget-body">
+      <div id="accordion1" class="accordion no-margin">
+        <div class="accordion-group">
+          <div class="accordion-heading">
+            <a href="#collapseFive" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+              <i class="icon-info icon-white">
+              </i>
+              Description
+            </a>
+          </div>
+          <div class="accordion-body in collapse" id="collapseFive" style="height: auto;">
+            <div class="accordion-inner">
+              Another one of the Rails security configurations relates to escaping HTML entities in JSON.
+            </div>
+          </div>
+        </div>
+        <div class="accordion-group">
+          <div class="accordion-heading">
+            <a href="#collapseSix" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+              <i class="icon-bug icon-white">
+              </i>
+              Bug
+            </a>
+          </div>
+          <div class="accordion-body collapse" id="collapseSix" style="height: 0px;">
+            <div class="accordion-inner">
+              <p>When the following setting is set to false, HTML entities in JSON response will not be encoded.<p>
+               <p>
+            <pre class="ruby">
+            <%= %q{
+              ActiveSupport::escape_html_entities_in_json = false
+            } %>
+         </pre>
+         </p>
+            </div>
+          </div>
+        </div>
+        <div class="accordion-group">
+          <div class="accordion-heading">
+            <a href="#collapseSeven" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+              <i class="icon-lightning icon-white">
+              </i>
+              Solution
+            </a>
+          </div>
+          <div class="accordion-body collapse" id="collapseSeven" style="height: 0px;">
+            <div class="accordion-inner">
+            <p>Edit the html_entities file at config/initializers/html_entities.rb and set the following to true.</p>
+            <p><pre class="ruby">
+            <%= %q{
+              ActiveSupport::escape_html_entities_in_json = true
+            } %>
+            </pre></p>
+            <p>Once the initializer is edited and the application is restarted, any HTML entities in JSON responses will be encoded.</p>
+            </div>
+          </div>
+        </div>
+      	<div class="accordion-group">
+          <div class="accordion-heading">
+            <a  style="background-color: rgb(181, 121, 158)" href="#collapseEight" data-parent="#accordion1" data-toggle="collapse" class="accordion-toggle">
+              <i class="icon-aid icon-white">
+              </i>
+              Hint
+            </a>
+          </div>
+          <div class="accordion-body collapse" id="collapseEight" style="height: 0px;">
+            <div class="accordion-inner">
+             Think HTML entities, escaping and initializers. 
+            </div>
+          </div>
+        </div>
+	</div>
+    </div>
+  </div>
\ No newline at end of file
diff --git a/app/views/tutorials/insecure_components.html.erb b/app/views/tutorials/insecure_components.html.erb
new file mode 100644
index 0000000..271f7a9
--- /dev/null
+++ b/app/views/tutorials/insecure_components.html.erb
@@ -0,0 +1,17 @@
+<div class="dashboard-wrapper">
+	<div class="main-container">
+		<div class="row-fluid">
+		    <div class="span12"> <!-- Begin Span12 -->
+		      <%= render :partial => "layouts/tutorial/insecure_components/insecure_components_first" %>
+		    </div> <!-- End Span12 -->
+		</div>
+	</div>
+</div>
+
+<script type="text/javascript">
+function makeActive(){
+	$('li[id="insecure_components"]').addClass('active');
+};
+
+$(document).ready(makeActive);
+</script>
\ No newline at end of file
diff --git a/app/views/tutorials/misconfig.html.erb b/app/views/tutorials/misconfig.html.erb
index da9c0fc..e7cf527 100755
--- a/app/views/tutorials/misconfig.html.erb
+++ b/app/views/tutorials/misconfig.html.erb
@@ -5,6 +5,11 @@
 		      <%= render :partial => "layouts/tutorial/misconfig/misconfig_first"%>
 		    </div> <!-- End Span12-->
 		</div>
+		<div class="row-fluid">
+		    <div class="span12"> <!-- Begin Span12-->
+		      <%= render :partial => "layouts/tutorial/misconfig/misconfig_second"%>
+		    </div> <!-- End Span12-->
+		</div>		
 	</div>
 </div>
 
diff --git a/config/application.rb b/config/application.rb
index 1d45be7..700c154 100755
--- a/config/application.rb
+++ b/config/application.rb
@@ -40,7 +40,7 @@ module Railsgoat
     config.filter_parameters += [:password]
 
     # Enable escaping HTML in JSON.
-    config.active_support.escape_html_entities_in_json = false
+    #config.active_support.escape_html_entities_in_json = false
 
     # Use SQL instead of Active Record's schema dumper when creating the database.
     # This is necessary if your schema can't be completely dumped by the schema dumper,
diff --git a/config/initializers/html_entities.rb b/config/initializers/html_entities.rb
new file mode 100644
index 0000000..4db1c30
--- /dev/null
+++ b/config/initializers/html_entities.rb
@@ -0,0 +1 @@
+ActiveSupport::JSON::Encoding::escape_html_entities_in_json = false
diff --git a/config/routes.rb b/config/routes.rb
index 59b771f..d4142bc 100755
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -1,35 +1,63 @@
 Railsgoat::Application.routes.draw do
 
-get "login" => "sessions#new"
-get "signup" => "users#new"
-get "logout" => "sessions#destroy"
+  get "login" => "sessions#new"
+  get "signup" => "users#new"
+  get "logout" => "sessions#destroy"
 
-resources :sessions do
+  resources :sessions do
 
-end
-
-resources :users do
-  get "account_settings"
-  
-  resources :retirement do 
-  end
-  
-  resources :paid_time_off do 
-  end
-  
-  resources :work_info do
-  end
-  
-  resources :performance do 
-   
-  end
-  
-  resources :benefit_forms do 
-    
   end
 
-  resources :messages do 
+  resources :users do
+    get "account_settings"
+
+    resources :retirement do
+    end
+
+    resources :paid_time_off do
+    end
+
+    resources :work_info do
+    end
+
+    resources :performance do
+
+    end
+
+    resources :benefit_forms do
+
+    end
+
+    resources :messages do
+    end
+
   end
+
+  get "download" => "benefit_forms#download"
+  post "upload" => "benefit_forms#upload"
+
+  resources :tutorials do
+    collection do
+      get "credentials"
+      get "injection"
+      get "xss"
+      get "broken_auth"
+      get "insecure_dor"
+      get "csrf"
+      get "misconfig"
+      get "crypto"
+      get "url_access"
+      get "insecure_components"
+      get "ssl_tls"
+      get "redirects"
+      get "guard"
+      get "info_disclosure"
+      get "mass_assignment"
+      get "constantize"
+      get "gauntlt"
+    end
+  end
+<<<<<<< HEAD
   
 end
 
@@ -54,31 +82,31 @@ resources :tutorials do
     get "mass_assignment"
     get "constantize"
     get "gauntlt"
+=======
+
+  resources :schedule do
+    collection do
+      get "get_pto_schedule"
+    end
+
+>>>>>>> f0ca17df79bce4b15917780924ceef8407300fbb
   end
-end
 
-resources :schedule do 
-  collection do
-    get "get_pto_schedule"
+  resources :admin do
+    get "dashboard"
+    get "get_user"
+    post "delete_user"
+    put "update_user"
+    get "get_all_users"
   end
-  
-end
 
-resources :admin do
-  get "dashboard"
-  get "get_user"
-  post "delete_user"
-  put "update_user"
-  get "get_all_users"
-end
-
-resources :dashboard do
-  collection do 
-    get "home"
+  resources :dashboard do
+    collection do
+      get "home"
+    end
   end
-end
 
 
-root :to => "sessions#new"
+  root :to => "sessions#new"
 
 end
diff --git a/db/migrate/20131112235256_add_encrypted_ssn_to_work_infos.rb b/db/migrate/20131112235256_add_encrypted_ssn_to_work_infos.rb
new file mode 100644
index 0000000..2c7935a
--- /dev/null
+++ b/db/migrate/20131112235256_add_encrypted_ssn_to_work_infos.rb
@@ -0,0 +1,5 @@
+class AddEncryptedSsnToWorkInfos < ActiveRecord::Migration
+  def change
+    add_column :work_infos, :encrypted_ssn, :binary
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 2adcc14..e98c34e 100755
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -11,7 +11,7 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 20131011180207) do
+ActiveRecord::Schema.define(:version => 20131112235256) do
 
   create_table "benefits", :force => true do |t|
     t.datetime "created_at", :null => false
@@ -85,8 +85,9 @@ ActiveRecord::Schema.define(:version => 20131011180207) do
     t.integer  "years_worked"
     t.string   "SSN"
     t.date     "DoB"
-    t.datetime "created_at",   :null => false
-    t.datetime "updated_at",   :null => false
+    t.datetime "created_at",    :null => false
+    t.datetime "updated_at",    :null => false
+    t.binary   "encrypted_ssn"
   end
 
 end