minor bug fixes and enhancements, including proper dollar value formatting

git-svn-id: http://webgoat.googlecode.com/svn/trunk/webgoat@364 4033779f-a91e-0410-96ef-6bf7bf53c507

main/project/WebContent/lesson_plans/HttpBasics.html

@@ -23,5 +23,5 @@ After sending the request and headers, the client may send additional data. This
 Enter your name in the input field below and press "go" to submit. The server will accept the request, reverse the input, and display it back to the user, illustrating the basics of handling an HTTP request.
 <br/><br/>
 The user should become familiar with the features of WebGoat by manipulating the above 
-buttons to view hints and solution. You have to use WebScarab for the first time.
+buttons to view hints, show the HTTP request parameters, the HTTP request cookies, and the Java source code. You may also try using WebScarab for the first time.
 <!-- Stop Instructions -->

main/project/WebContent/lesson_plans/PasswordStrength.html

@@ -3,7 +3,7 @@
 </div>
 <p><b>Concept / Topic To Teach:</b> </p>
 <!-- Start Instructions -->
-Accounts are only as secure as there passwords. Most users have the same weak password everywhere. If you want to protect them against brute-force-attacks your application should have good requirements for passwords. The password should contain lower case letters, capitals and numbers. The longer the password, the better.
+Accounts are only as secure as their passwords. Most users have the same weak password everywhere. If you want to protect them against brute-force-attacks your application should have good requirements for passwords. The password should contain lower case letters, capitals and numbers. The longer the password, the better.
 <!-- Stop Instructions -->
 <br>
 <p><b>General Goal(s):</b> </p>