undid some mistakes

app/controllers/sessions_controller.rb

@@ -3,14 +3,14 @@ class SessionsController < ApplicationController
   skip_before_filter :authenticated, :only => [:new, :create]
   
   def new
-    redirect_to dashboard_home_path(:dashboard_id => current_user.id) if current_user && current_user.id
+    redirect_to home_dashboard_index_path if current_user
   end
   
   def create
       user = User.authenticate(params[:email], params[:password])
       if user
         session[:id] = user.id if User.where(:id => user.id).exists?
-        redirect_to dashboard_home_path(:dashboard_id => user.id)
+        redirect_to home_dashboard_index_path
       else
         render "new"
       end

app/controllers/tutorials_controller.rb

@@ -1,2 +1,8 @@
 class TutorialsController < ApplicationController
+  
+  skip_before_filter :authenticated
+  
+  def injection
+  end
+  
 end

app/controllers/users_controller.rb

@@ -10,7 +10,7 @@ class UsersController < ApplicationController
     user = User.new(params[:user])
     if user.save
       session[:id] = user.id
-      redirect_to dashboard_home_path(:dashboard_id => user.id)
+      redirect_to home_dashboard_index_path
     else
       @user = User.new
       render :new

app/views/layouts/shared/_header.html.erb

@@ -11,12 +11,7 @@
        <ul class="dropdown-menu pull-right">
          <li>
            <a href="#">
-             Edit Profile
-           </a>
-         </li>
-         <li>
-           <a href="#">
-             Account Settings
+             account settings
            </a>
          </li>
          <li>

app/views/layouts/tutorials.html.erb

@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html>
+<head>
+  <title>RailsGoat</title>
+  <%= stylesheet_link_tag    "application", :media => "all" %>
+  <%= javascript_include_tag "application" %>
+  <%#= csrf_meta_tags %> <!-- <~ What is this for? I hear it helps w/ JS and Sea-surfing.....whatevz -->
+
+ <script type="text/javascript" src="http://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
+ <!--[if lte IE 7]>
+ <script src="assets/fonts/lte-ie7.js">
+ </script>
+ <![endif]--> 
+
+ <!-- Google Visualization JS -->
+ <script type="text/javascript" src="https://www.google.com/jsapi"></script>
+
+</head>
+<body>
+
+<%= render "layouts/tutorial/header" %>	
+<%= render "layouts/tutorial/sidebar" %>	
+
+<div class="container-fluid">
+	<div class="dashboard-wrapper">
+		<%= yield %>
+	</div>
+</div>	
+	<%= render "layouts/shared/footer" %>
+</body>
+</html>

config/routes.rb

@@ -13,11 +13,20 @@ resources :users do
 end
 
 resources :tutorials do
-
+  collection do 
+    get "injection"
+    get "xss"
+    get "broken_auth"
+    get "insecure_doa"
+    get "csrf"
+    get "security"
+  end
 end
 
-resources :dashboard do 
-  get "home" => "dashboard#home"
+resources :dashboard do
+  collection do 
+    get "home"
+  end
 end
 
 root :to => "sessions#new"