From 9ea97126b8a21ba7a5f3c8de4c8802a3091ba2c6 Mon Sep 17 00:00:00 2001
From: "rogan.dawes" <rogan.dawes@4033779f-a91e-0410-96ef-6bf7bf53c507>
Date: Wed, 18 Jul 2007 13:31:11 +0000
Subject: [PATCH] Use AbstractLesson.getLink() and getFormAction() more

Rather than constructing URL's manually all the time, rather
make use of existing mechanisms to create the URL, and use
it consistently.


git-svn-id: http://webgoat.googlecode.com/svn/trunk@184 4033779f-a91e-0410-96ef-6bf7bf53c507
---
 .../owasp/webgoat/lessons/AbstractLesson.java |  4 +-
 .../org/owasp/webgoat/lessons/CSRF.java       | 10 ++---
 .../owasp/webgoat/lessons/DOMInjection.java   |  4 +-
 .../owasp/webgoat/lessons/JSONInjection.java  |  5 +--
 .../webgoat/lessons/SilentTransactions.java   |  5 +--
 .../owasp/webgoat/lessons/XMLInjection.java   |  5 +--
 .../org/owasp/webgoat/session/WebSession.java | 37 +------------------
 .../lessons/ConfManagement/config.jsp         | 10 +++--
 .../CrossSiteScripting/EditProfile.jsp        |  2 +-
 .../lessons/CrossSiteScripting/ListStaff.jsp  |  2 +-
 .../lessons/CrossSiteScripting/Login.jsp      |  2 +-
 .../CrossSiteScripting/SearchStaff.jsp        |  2 +-
 .../CrossSiteScripting/ViewProfile.jsp        |  6 +--
 .../DBCrossSiteScripting/EditProfile.jsp      |  2 +-
 .../DBCrossSiteScripting/ListStaff.jsp        |  2 +-
 .../lessons/DBCrossSiteScripting/Login.jsp    |  2 +-
 .../DBCrossSiteScripting/SearchStaff.jsp      |  2 +-
 .../DBCrossSiteScripting/ViewProfile.jsp      |  6 +--
 .../lessons/DBSQLInjection/EditProfile.jsp    |  2 +-
 .../lessons/DBSQLInjection/ListStaff.jsp      |  2 +-
 .../lessons/DBSQLInjection/Login.jsp          |  2 +-
 .../lessons/DBSQLInjection/SearchStaff.jsp    |  2 +-
 .../lessons/DBSQLInjection/ViewProfile.jsp    |  6 +--
 .../GoatHillsFinancial/EditProfile.jsp        |  2 +-
 .../lessons/GoatHillsFinancial/ListStaff.jsp  |  2 +-
 .../lessons/GoatHillsFinancial/Login.jsp      |  2 +-
 .../GoatHillsFinancial/SearchStaff.jsp        |  2 +-
 .../GoatHillsFinancial/ViewProfile.jsp        |  6 +--
 .../lessons/GoatHillsFinancial/error.jsp      |  2 +-
 .../RoleBasedAccessControl/EditProfile.jsp    |  2 +-
 .../RoleBasedAccessControl/ListStaff.jsp      |  2 +-
 .../lessons/RoleBasedAccessControl/Login.jsp  |  2 +-
 .../RoleBasedAccessControl/SearchStaff.jsp    |  2 +-
 .../RoleBasedAccessControl/ViewProfile.jsp    |  6 +--
 .../lessons/RoleBasedAccessControl/error.jsp  |  2 +-
 .../lessons/SQLInjection/EditProfile.jsp      |  2 +-
 .../lessons/SQLInjection/ListStaff.jsp        |  2 +-
 .../WebContent/lessons/SQLInjection/Login.jsp |  2 +-
 .../lessons/SQLInjection/SearchStaff.jsp      |  2 +-
 .../lessons/SQLInjection/ViewProfile.jsp      |  6 +--
  webgoat/main/project/WebContent/main.jsp     |  2 +-
 41 files changed, 61 insertions(+), 109 deletions(-)

diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java
index 531dcf367..bba7c5a28 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/AbstractLesson.java	
@@ -795,9 +795,9 @@ public abstract class AbstractLesson extends Screen implements Comparable
     }
 
 
-    protected String getFormAction()
+    public String getFormAction()
     {
-	return "attack" + "?menu=" + getCategory().getRanking();
+	return getLink();
     }
 
 
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CSRF.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CSRF.java
index 0bb336f23..e19cedb5e 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CSRF.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/CSRF.java	
@@ -186,10 +186,8 @@ public class CSRF extends LessonAdapter {
 
 				for ( int i = 0; results.next(); i++ )
 				{
-					String link = "<a href='attack?" + NUMBER + "=" + results.getInt( NUM_COL ) +
-			        "&Screen=" + String.valueOf(getScreenId()) +
-			        "&menu=" + getDefaultCategory().getRanking().toString() +
-			        "' style='cursor:hand'>" +  results.getString( TITLE_COL ) + "</a>";
+					String link = "<a href='" + getLink() + "&" + NUMBER + "=" + results.getInt( NUM_COL ) +
+					"' style='cursor:hand'>" +  results.getString( TITLE_COL ) + "</a>";
 					TD td = new TD().addElement( link );
 					TR tr = new TR().addElement( td );
 					t.addElement( tr );
@@ -297,9 +295,7 @@ public class CSRF extends LessonAdapter {
 		hints.add( "Enter some text and try to include an image in there." );
 		hints.add( "In order to make the picture almost invisible try to add width=\"1\" and height=\"1\"." );
 		hints.add( "The format of an image in html is <pre>&lt;img src=\"[URL]\" width=\"1\" height=\"1\" /&gt;</pre>");		
-		hints.add( "Include this URL in the message <pre>&lt;img src='http://localhost/WebGoat/attack?"+
-			        "Screen=" + String.valueOf(getScreenId()) +
-			        "&menu=" + getDefaultCategory().getRanking().toString() +
+		hints.add( "Include this URL in the message <pre>&lt;img src='" + getLink() +
 			        "&transferFunds=5000' width=\"1\" height=\"1\" /&gt;</pre>");
 		
 		return hints;
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java
index d8fc9261a..45faa4561 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/DOMInjection.java	
@@ -95,9 +95,7 @@ public class DOMInjection extends LessonAdapter
 	String lineSep = System.getProperty("line.separator");
 	String script = "<script>" + lineSep + "function validate() {"
 		+ lineSep + "var keyField = document.getElementById('key');"
-		+ lineSep + "var url = '/WebGoat/attack?Screen="
-		+ String.valueOf(getScreenId()) + "&menu="
-		+ getDefaultCategory().getRanking().toString()
+		+ lineSep + "var url = '" + getLink() 
 		+ "&from=ajax&key=' + encodeURIComponent(keyField.value);"
 		+ lineSep + "if (typeof XMLHttpRequest != 'undefined') {"
 		+ lineSep + "req = new XMLHttpRequest();" + lineSep
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/JSONInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/JSONInjection.java
index 9a9d0f226..5920131e0 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/JSONInjection.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/JSONInjection.java	
@@ -135,10 +135,7 @@ public class JSONInjection extends LessonAdapter
 		+ lineSep
 		+ "if (toField.value.length < 3 ) { return; }"
 		+ lineSep
-		+ "var url = '/WebGoat/attack?Screen="
-		+ String.valueOf(getScreenId())
-		+ "&menu="
-		+ getDefaultCategory().getRanking().toString()
+		+ "var url = '" + getLink() 
 		+ "&from=ajax&"
 		+ TRAVEL_FROM
 		+ "=' + encodeURIComponent(fromField.value) +"
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SilentTransactions.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SilentTransactions.java
index 6c424633e..1e82528fb 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SilentTransactions.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/SilentTransactions.java	
@@ -189,10 +189,7 @@ public class SilentTransactions extends LessonAdapter
 		+ lineSep
 		+ "function submitData(accountNo, balance) {"
 		+ lineSep
-		+ "var url = '/WebGoat/attack?Screen="
-		+ String.valueOf(getScreenId())
-		+ "&menu="
-		+ getDefaultCategory().getRanking().toString()
+		+ "var url = '" + getLink()
 		+ "&from=ajax&newAccount='+ accountNo+ '&amount=' + balance +'&confirm=' + document.getElementById('confirm').value; "
 		+ lineSep + "if (typeof XMLHttpRequest != 'undefined') {"
 		+ lineSep + "req = new XMLHttpRequest();" + lineSep
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/XMLInjection.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/XMLInjection.java
index 608affaa1..b5feeec3c 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/XMLInjection.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/lessons/XMLInjection.java	
@@ -159,10 +159,7 @@ public class XMLInjection extends LessonAdapter
 		+ lineSep
 		+ "if (accountIDField.value.length < 6 ) { return; }"
 		+ lineSep
-		+ "var url = '/WebGoat/attack?Screen="
-		+ String.valueOf(getScreenId())
-		+ "&menu="
-		+ getDefaultCategory().getRanking().toString()
+		+ "var url = '" + getLink()
 		+ "&from=ajax&"
 		+ ACCOUNTID
 		+ "=' + encodeURIComponent(accountIDField.value);"
diff --git a/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java
index d6b1711cc..7ab754805 100644
--- a/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java	
+++ b/ webgoat/main/project/JavaSource/org/owasp/webgoat/session/WebSession.java	
@@ -360,42 +360,7 @@ public class WebSession
 
 	public String getRestartLink()
 	{
-		List<String> parameters = new ArrayList<String>();
-		
-		String screenValue = request.getParameter(SCREEN);
-		if (screenValue != null)
-			parameters.add(SCREEN + "=" + screenValue);
-		
-		String menuValue = request.getParameter(MENU);
-		if (menuValue != null)
-			parameters.add(MENU + "=" + menuValue);
-		
-		parameters.add(RESTART + "=" + currentScreen);
-		
-		return makeQuery("attack", parameters);
-	}
-	
-	private String makeQuery(String resource, List parameters)
-	{
-		StringBuffer query = new StringBuffer(resource);
-		
-		boolean isFirstParameter = true;
-		Iterator i = parameters.iterator();
-		
-		while (i.hasNext())
-		{
-			String parameter = (String) i.next();
-			if (isFirstParameter)
-			{
-				query.append("?");
-				isFirstParameter = false;
-			}
-			else
-				query.append("&");
-			query.append(parameter);
-		}
-		
-		return query.toString();
+		return getCurrentLesson().getLink() + "&" + RESTART + "=" + getCurrentScreen();
 	}
 	
 	public String getCurrentLink()
diff --git a/ webgoat/main/project/WebContent/lessons/ConfManagement/config.jsp b/ webgoat/main/project/WebContent/lessons/ConfManagement/config.jsp
index 53836e33d..7abe1430f 100644
--- a/ webgoat/main/project/WebContent/lessons/ConfManagement/config.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/ConfManagement/config.jsp	
@@ -1,5 +1,9 @@
 <%@ page language="java" contentType="text/html; charset=ISO-8859-1"
-    pageEncoding="ISO-8859-1"%>
+    pageEncoding="ISO-8859-1"%>
+<%@page import="org.owasp.webgoat.session.WebSession"%>
+<%
+WebSession webSession = ((WebSession)session.getAttribute("websession"));
+%>
 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
 <html>
 <head>
@@ -7,9 +11,7 @@
 <title>Configuration Page</title>
 </head>
 <body>
-<% response.sendRedirect("/WebGoat/attack?" +
-		        "Screen=" + request.getParameter("Screen") +
-		        "&menu=" + request.getParameter("menu") +
+<% response.sendRedirect(webSession.getCurrentLesson().getLink() +
 		        "&succeeded=yes"); 
 %>
 
diff --git a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/EditProfile.jsp b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/EditProfile.jsp
index 7769a71c5..13952f612 100644
--- a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/EditProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/EditProfile.jsp	
@@ -7,7 +7,7 @@
 %>
 		<div class="lesson_title_box"><strong>Welcome Back </strong><span class="lesson_text_db"><%=webSession.getUserNameInLesson()%></span></div>
 		<div class="lesson_text">
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 				<Table>
 				<TR><TD>
 						First Name:
diff --git a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/ListStaff.jsp b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/ListStaff.jsp
index d4cf38d1e..2a8d07731 100644
--- a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/ListStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/ListStaff.jsp	
@@ -10,7 +10,7 @@
 		<br>
 		<br>
 		<p>Select from the list below	</p>
-		<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+		<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
   <table width="60%" border="0" cellpadding="3">
     <tr>
       <td>  <label>
diff --git a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/Login.jsp b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/Login.jsp
index 085019341..8ef30389c 100644
--- a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/Login.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/Login.jsp	
@@ -6,7 +6,7 @@
 			<% 
 			WebSession webSession = ((WebSession)session.getAttribute("websession"));
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>
 			      	<select name="<%=CrossSiteScripting.EMPLOYEE_ID%>">
 			      	<%
diff --git a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/SearchStaff.jsp b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/SearchStaff.jsp
index 83ceee0ca..4e1f6885c 100644
--- a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/SearchStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/SearchStaff.jsp	
@@ -12,7 +12,7 @@
 			<%
 			}
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>Name
 					<input class="lesson_text_db" type="text" name="<%=CrossSiteScripting.SEARCHNAME%>"/>
 		        </label>
diff --git a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/ViewProfile.jsp b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/ViewProfile.jsp
index 0b39a5dbd..e9d293a47 100644
--- a/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/ViewProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/CrossSiteScripting/ViewProfile.jsp	
@@ -116,7 +116,7 @@ WebSession webSession = ((WebSession)session.getAttribute("websession"));
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.LISTSTAFF_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=CrossSiteScripting.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=CrossSiteScripting.LISTSTAFF_ACTION%>"/>
 						</form></td>
@@ -128,7 +128,7 @@ WebSession webSession = ((WebSession)session.getAttribute("websession"));
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.EDITPROFILE_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=CrossSiteScripting.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=CrossSiteScripting.EDITPROFILE_ACTION%>"/>
 						</form>
@@ -141,7 +141,7 @@ WebSession webSession = ((WebSession)session.getAttribute("websession"));
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), CrossSiteScripting.DELETEPROFILE_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=CrossSiteScripting.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=CrossSiteScripting.DELETEPROFILE_ACTION%>"/>
 						</form>
diff --git a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/EditProfile.jsp b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/EditProfile.jsp
index b4f869d3e..42f5f08e1 100755
--- a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/EditProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/EditProfile.jsp	
@@ -7,7 +7,7 @@
 %>
 		<div class="lesson_title_box"><strong>Welcome Back </strong><span class="lesson_text_db"><%=webSession.getUserNameInLesson()%></span></div>
 		<div class="lesson_text">
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 				<Table>
 				<TR><TD>
 						First Name:
diff --git a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/ListStaff.jsp b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/ListStaff.jsp
index 4a7c2bdff..60c963f11 100755
--- a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/ListStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/ListStaff.jsp	
@@ -10,7 +10,7 @@
 		<br>
 		<br>
 		<p>Select from the list below	</p>
-		<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+		<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
   <table width="60%" border="0" cellpadding="3">
     <tr>
       <td>  <label>
diff --git a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/Login.jsp b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/Login.jsp
index 607971305..1732cba0a 100755
--- a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/Login.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/Login.jsp	
@@ -6,7 +6,7 @@
 			<% 
 			WebSession webSession = ((WebSession)session.getAttribute("websession"));
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>
 			      	<select name="<%=DBCrossSiteScripting.EMPLOYEE_ID%>">
 			      	<%
diff --git a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/SearchStaff.jsp b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/SearchStaff.jsp
index e811c0ff8..ddc5519b5 100755
--- a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/SearchStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/SearchStaff.jsp	
@@ -12,7 +12,7 @@
 			<%
 			}
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>Name
 					<input class="lesson_text_db" type="text" name="<%=DBCrossSiteScripting.SEARCHNAME%>"/>
 		        </label>
diff --git a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/ViewProfile.jsp b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/ViewProfile.jsp
index 7780c2809..d18cd705a 100755
--- a/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/ViewProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBCrossSiteScripting/ViewProfile.jsp	
@@ -109,7 +109,7 @@ WebSession webSession = ((WebSession)session.getAttribute("websession"));
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), DBCrossSiteScripting.LISTSTAFF_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=DBCrossSiteScripting.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=DBCrossSiteScripting.LISTSTAFF_ACTION%>"/>
 						</form></td>
@@ -121,7 +121,7 @@ WebSession webSession = ((WebSession)session.getAttribute("websession"));
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), DBCrossSiteScripting.EDITPROFILE_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=DBCrossSiteScripting.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=DBCrossSiteScripting.EDITPROFILE_ACTION%>"/>
 						</form>
@@ -134,7 +134,7 @@ WebSession webSession = ((WebSession)session.getAttribute("websession"));
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), DBCrossSiteScripting.DELETEPROFILE_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=DBCrossSiteScripting.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=DBCrossSiteScripting.DELETEPROFILE_ACTION%>"/>
 						</form>
diff --git a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/EditProfile.jsp b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/EditProfile.jsp
index d27c51ebe..55c7dc673 100755
--- a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/EditProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/EditProfile.jsp	
@@ -7,7 +7,7 @@
 %>
 		<div class="lesson_title_box"><strong>Welcome Back </strong><span class="lesson_text_db"><%=webSession.getUserNameInLesson()%></span></div>
 		<div class="lesson_text">
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 				<Table>
 				<TR><TD>
 						First Name:
diff --git a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/ListStaff.jsp b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/ListStaff.jsp
index 257b4f726..035ab564c 100755
--- a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/ListStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/ListStaff.jsp	
@@ -11,7 +11,7 @@
 		<br>
 		<p>Select from the list below	</p>
 
-		<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+		<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
   <table width="60%" border="0" cellpadding="3">
     <tr>
       <td>  <label>
diff --git a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/Login.jsp b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/Login.jsp
index c5b8711a8..12877d66b 100755
--- a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/Login.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/Login.jsp	
@@ -6,7 +6,7 @@
 			<% 
 			WebSession webSession = ((WebSession)session.getAttribute("websession"));
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>
 			      	<select name="<%=DBSQLInjection.EMPLOYEE_ID%>">
 			      	<%
diff --git a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/SearchStaff.jsp b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/SearchStaff.jsp
index a2a24fb7d..0c42a5a32 100755
--- a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/SearchStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/SearchStaff.jsp	
@@ -12,7 +12,7 @@
 			<%
 			}
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>Name
 					<input class="lesson_text_db" type="text" name="<%=DBSQLInjection.SEARCHNAME%>"/>
 		        </label>
diff --git a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/ViewProfile.jsp b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/ViewProfile.jsp
index e444fa3dd..bd9151a63 100755
--- a/ webgoat/main/project/WebContent/lessons/DBSQLInjection/ViewProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/DBSQLInjection/ViewProfile.jsp	
@@ -109,7 +109,7 @@
 					 if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), DBSQLInjection.LISTSTAFF_ACTION))
 					 {
 					 %>                	
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=DBSQLInjection.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=DBSQLInjection.LISTSTAFF_ACTION%>"/>
 						</form>
@@ -122,7 +122,7 @@
 					 if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), DBSQLInjection.EDITPROFILE_ACTION))
 					 {
 					 %>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=DBSQLInjection.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=DBSQLInjection.EDITPROFILE_ACTION%>"/>
 						</form>
@@ -135,7 +135,7 @@
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), DBSQLInjection.DELETEPROFILE_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=DBSQLInjection.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=DBSQLInjection.DELETEPROFILE_ACTION%>"/>
 						</form>
diff --git a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/EditProfile.jsp b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/EditProfile.jsp
index adc43dceb..d486230e7 100755
--- a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/EditProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/EditProfile.jsp	
@@ -7,7 +7,7 @@
 %>
 		<div class="lesson_title_box"><strong>Welcome Back </strong><span class="lesson_text_db"><%=webSession.getUserNameInLesson()%></span> - Edit Profile Page</div>
 		<div class="lesson_text">
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 <Table border="0" cellpadding="0" cellspacing="0">
 				<TR><TD width="110">
 						First Name:
diff --git a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/ListStaff.jsp b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/ListStaff.jsp
index 8bb414b0d..f3bbd0055 100755
--- a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/ListStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/ListStaff.jsp	
@@ -11,7 +11,7 @@
 		<br>
 		<p>Select from the list below	</p>
 
-		<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+		<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
   <table width="60%" border="0" cellpadding="3">
     <tr>
       <td>  <label>
diff --git a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/Login.jsp b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/Login.jsp
index a48eef7a4..1336ccfb3 100755
--- a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/Login.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/Login.jsp	
@@ -6,7 +6,7 @@
 			<% 
 			WebSession webSession = ((WebSession)session.getAttribute("websession"));
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>
 			      	<select name="<%=GoatHillsFinancial.EMPLOYEE_ID%>">
 			      	<%
diff --git a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/SearchStaff.jsp b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/SearchStaff.jsp
index d88942ae5..611a826fd 100755
--- a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/SearchStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/SearchStaff.jsp	
@@ -12,7 +12,7 @@
 			<%
 			}
 			%>
-				<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+				<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>Name
 					<input class="lesson_text_db" type="text" name="<%=GoatHillsFinancial.SEARCHNAME%>"/>
 		        </label>
diff --git a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/ViewProfile.jsp b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/ViewProfile.jsp
index aa2a95fb9..a03d60a07 100755
--- a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/ViewProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/ViewProfile.jsp	
@@ -113,7 +113,7 @@
 					 if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), GoatHillsFinancial.LISTSTAFF_ACTION))
 					 {
 					 %>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=GoatHillsFinancial.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=GoatHillsFinancial.LISTSTAFF_ACTION%>"/>
 						</form>
@@ -125,7 +125,7 @@
 					 if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), GoatHillsFinancial.EDITPROFILE_ACTION))
 					 {
 					 %>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=GoatHillsFinancial.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=GoatHillsFinancial.EDITPROFILE_ACTION%>"/>
 						</form>
@@ -138,7 +138,7 @@
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), GoatHillsFinancial.DELETEPROFILE_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=GoatHillsFinancial.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=GoatHillsFinancial.DELETEPROFILE_ACTION%>"/>
 						</form>
diff --git a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/error.jsp b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/error.jsp
index 556f3200a..a3294f134 100755
--- a/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/error.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/GoatHillsFinancial/error.jsp	
@@ -7,7 +7,7 @@
 %>
 <br><br><br>An error has occurred.
 <br><br><br>
-<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 
  <input type="submit" name="action" value="<%=GoatHillsFinancial.LOGIN_ACTION%>"/>
 </form>
\ No newline at end of file
diff --git a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/EditProfile.jsp b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/EditProfile.jsp
index 806804954..467c53f04 100644
--- a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/EditProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/EditProfile.jsp	
@@ -7,7 +7,7 @@
 %>
 		<div class="lesson_title_box"><strong>Welcome Back </strong><span class="lesson_text_db"><%=webSession.getUserNameInLesson()%></span> - Edit Profile Page</div>
 		<div class="lesson_text">
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 <Table border="0" cellpadding="0" cellspacing="0">
 				<TR><TD width="110">
 						First Name:
diff --git a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ListStaff.jsp b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ListStaff.jsp
index 8f6283b0a..a3c2158de 100644
--- a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ListStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ListStaff.jsp	
@@ -11,7 +11,7 @@
 		<br>
 		<p>Select from the list below	</p>
 
-		<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+		<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
   <table width="60%" border="0" cellpadding="3">
     <tr>
       <td>  <label>
diff --git a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/Login.jsp b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/Login.jsp
index edb3f8c1a..02d5fb8a3 100644
--- a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/Login.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/Login.jsp	
@@ -6,7 +6,7 @@
 			<% 
 			WebSession webSession = ((WebSession)session.getAttribute("websession"));
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>
 			      	<select name="<%=RoleBasedAccessControl.EMPLOYEE_ID%>">
 			      	<%
diff --git a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/SearchStaff.jsp b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/SearchStaff.jsp
index a5b53c530..a9a9f3af2 100644
--- a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/SearchStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/SearchStaff.jsp	
@@ -12,7 +12,7 @@
 			<%
 			}
 			%>
-				<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+				<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>Name
 					<input class="lesson_text_db" type="text" name="<%=RoleBasedAccessControl.SEARCHNAME%>"/>
 		        </label>
diff --git a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp
index 8029450b6..896eec8f3 100644
--- a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/ViewProfile.jsp	
@@ -113,7 +113,7 @@
 					 if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), RoleBasedAccessControl.LISTSTAFF_ACTION))
 					 {
 					 %>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=RoleBasedAccessControl.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=RoleBasedAccessControl.LISTSTAFF_ACTION%>"/>
 						</form>
@@ -125,7 +125,7 @@
 					 if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), RoleBasedAccessControl.EDITPROFILE_ACTION))
 					 {
 					 %>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=RoleBasedAccessControl.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=RoleBasedAccessControl.EDITPROFILE_ACTION%>"/>
 						</form>
@@ -138,7 +138,7 @@
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), RoleBasedAccessControl.DELETEPROFILE_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=RoleBasedAccessControl.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=RoleBasedAccessControl.DELETEPROFILE_ACTION%>"/>
 						</form>
diff --git a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/error.jsp b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/error.jsp
index fd541a0ef..419740ee7 100644
--- a/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/error.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/RoleBasedAccessControl/error.jsp	
@@ -7,7 +7,7 @@
 %>
 <br><br><br>An error has occurred.
 <br><br><br>
-<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 
  <input type="submit" name="action" value="<%=RoleBasedAccessControl.LOGIN_ACTION%>"/>
 </form>
\ No newline at end of file
diff --git a/ webgoat/main/project/WebContent/lessons/SQLInjection/EditProfile.jsp b/ webgoat/main/project/WebContent/lessons/SQLInjection/EditProfile.jsp
index 158b58c9b..38ca58086 100644
--- a/ webgoat/main/project/WebContent/lessons/SQLInjection/EditProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/SQLInjection/EditProfile.jsp	
@@ -7,7 +7,7 @@
 %>
 		<div class="lesson_title_box"><strong>Welcome Back </strong><span class="lesson_text_db"><%=webSession.getUserNameInLesson()%></span></div>
 		<div class="lesson_text">
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 				<Table>
 				<TR><TD>
 						First Name:
diff --git a/ webgoat/main/project/WebContent/lessons/SQLInjection/ListStaff.jsp b/ webgoat/main/project/WebContent/lessons/SQLInjection/ListStaff.jsp
index d89d3fb3e..425867c3b 100644
--- a/ webgoat/main/project/WebContent/lessons/SQLInjection/ListStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/SQLInjection/ListStaff.jsp	
@@ -11,7 +11,7 @@
 		<br>
 		<p>Select from the list below	</p>
 
-		<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+		<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
   <table width="60%" border="0" cellpadding="3">
     <tr>
       <td>  <label>
diff --git a/ webgoat/main/project/WebContent/lessons/SQLInjection/Login.jsp b/ webgoat/main/project/WebContent/lessons/SQLInjection/Login.jsp
index a2ca81021..7a8d37cec 100644
--- a/ webgoat/main/project/WebContent/lessons/SQLInjection/Login.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/SQLInjection/Login.jsp	
@@ -6,7 +6,7 @@
 			<% 
 			WebSession webSession = ((WebSession)session.getAttribute("websession"));
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>
 			      	<select name="<%=SQLInjection.EMPLOYEE_ID%>">
 			      	<%
diff --git a/ webgoat/main/project/WebContent/lessons/SQLInjection/SearchStaff.jsp b/ webgoat/main/project/WebContent/lessons/SQLInjection/SearchStaff.jsp
index 325ea213c..cf86d0dad 100644
--- a/ webgoat/main/project/WebContent/lessons/SQLInjection/SearchStaff.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/SQLInjection/SearchStaff.jsp	
@@ -12,7 +12,7 @@
 			<%
 			}
 			%>
-			<form id="form1" name="form1" method="post" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+			<form id="form1" name="form1" method="post" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 			    	<label>Name
 					<input class="lesson_text_db" type="text" name="<%=SQLInjection.SEARCHNAME%>"/>
 		        </label>
diff --git a/ webgoat/main/project/WebContent/lessons/SQLInjection/ViewProfile.jsp b/ webgoat/main/project/WebContent/lessons/SQLInjection/ViewProfile.jsp
index 656758ae0..a05a0bc39 100644
--- a/ webgoat/main/project/WebContent/lessons/SQLInjection/ViewProfile.jsp	
+++ b/ webgoat/main/project/WebContent/lessons/SQLInjection/ViewProfile.jsp	
@@ -109,7 +109,7 @@
 					 if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), SQLInjection.LISTSTAFF_ACTION))
 					 {
 					 %>                	
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=SQLInjection.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=SQLInjection.LISTSTAFF_ACTION%>"/>
 						</form>
@@ -122,7 +122,7 @@
 					 if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), SQLInjection.EDITPROFILE_ACTION))
 					 {
 					 %>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=SQLInjection.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=SQLInjection.EDITPROFILE_ACTION%>"/>
 						</form>
@@ -135,7 +135,7 @@
 					if (webSession.isAuthorizedInLesson(webSession.getUserIdInLesson(), SQLInjection.DELETEPROFILE_ACTION))
 					{
 					%>
-						<form method="POST" action="attack?menu=<%=webSession.getCurrentMenu()%>">
+						<form method="POST" action="<%=webSession.getCurrentLesson().getFormAction()%>">
 							<input type="hidden" name="<%=SQLInjection.EMPLOYEE_ID%>" value="<%=employee.getId()%>">
 							<input type="submit" name="action" value="<%=SQLInjection.DELETEPROFILE_ACTION%>"/>
 						</form>
diff --git a/ webgoat/main/project/WebContent/main.jsp b/ webgoat/main/project/WebContent/main.jsp
index 4a10ce30c..dd0f6e71d 100644
--- a/ webgoat/main/project/WebContent/main.jsp	
+++ b/ webgoat/main/project/WebContent/main.jsp	
@@ -141,7 +141,7 @@ StringBuffer buildList = new StringBuffer();
 				<a href="<%= webSession.getCurrentLesson().getLink() %>&show=Params" target="_top" onclick="MM_nbGroup('down','group1','params','',1)" 
 				onmouseover="MM_nbGroup('over','params','images/buttons/paramsOver.jpg','',1)" 
 				onmouseout="MM_nbGroup('out')">
-				<img src="images/buttons/params.jpg" alt="Show Params" name="attack?show=Params" width="92" height="20" border="0" id="params"/>
+				<img src="images/buttons/params.jpg" alt="Show Params" name="<%= webSession.getCurrentLesson().getLink() %>&show=Params" width="92" height="20" border="0" id="params"/>
 				</a>
 				<a href="<%= webSession.getCurrentLesson().getLink() %>&show=Cookies" target="_top" onclick="MM_nbGroup('down','group1','cookies','',1)" 
 				onmouseover="MM_nbGroup('over','cookies','images/buttons/cookiesOver.jpg','',1)"