diff --git a/www/hit.dat b/www/hit.dat
index bf0d87a..e69de29 100644
--- a/www/hit.dat
+++ b/www/hit.dat
@@ -1 +0,0 @@
-4
\ No newline at end of file
diff --git a/www/msg.dat b/www/msg.dat
index 715ca57..e69de29 100644
--- a/www/msg.dat
+++ b/www/msg.dat
@@ -1,2 +0,0 @@
-<hr><p>Från: admin admin</p><p>admin</p><hr><p>Från: samuel dexe</p><p>hej</p><hr><p>Från: admin admin</p><p>hej på dig också
-</p><hr><p>Från: johan 123</p><p>hej</p>
\ No newline at end of file
diff --git a/www/public/Moment-3/bilder/bgImg.png b/www/public/Moment-3&4/bilder/bgImg.png
similarity index 100%
rename from www/public/Moment-3/bilder/bgImg.png
rename to www/public/Moment-3&4/bilder/bgImg.png
diff --git a/www/public/Moment-3/css/styleSheet.css b/www/public/Moment-3&4/css/styleSheet.css
similarity index 100%
rename from www/public/Moment-3/css/styleSheet.css
rename to www/public/Moment-3&4/css/styleSheet.css
diff --git a/www/public/Moment-3/dataBas/addUser.php b/www/public/Moment-3&4/dataBas/addUser.php
similarity index 100%
rename from www/public/Moment-3/dataBas/addUser.php
rename to www/public/Moment-3&4/dataBas/addUser.php
diff --git a/www/public/Moment-3/dataBas/besökRäknare.php b/www/public/Moment-3&4/dataBas/besökRäknare.php
similarity index 100%
rename from www/public/Moment-3/dataBas/besökRäknare.php
rename to www/public/Moment-3&4/dataBas/besökRäknare.php
diff --git a/www/public/Moment-3/dataBas/cleanData.php b/www/public/Moment-3&4/dataBas/cleanData.php
similarity index 100%
rename from www/public/Moment-3/dataBas/cleanData.php
rename to www/public/Moment-3&4/dataBas/cleanData.php
diff --git a/www/public/Moment-3/dataBas/saveMSG.php b/www/public/Moment-3&4/dataBas/saveMSG.php
similarity index 61%
rename from www/public/Moment-3/dataBas/saveMSG.php
rename to www/public/Moment-3&4/dataBas/saveMSG.php
index 72dbe49..6878615 100644
--- a/www/public/Moment-3/dataBas/saveMSG.php
+++ b/www/public/Moment-3&4/dataBas/saveMSG.php
@@ -1,7 +1,9 @@
 <?php
-if(isset($_POST['message'])) {
+include('cleanData.php');
+if(isset($_POST['message']) && $_SESSION['CSRFToken'] === $_POST['CSRFToken']) {
     $name = "<hr><p>Från: " . $_SESSION['förnamn'] . ' ' . $_SESSION['efternamn'] ."</p>";
     $msg = "<p>" . $_POST['message'] . "</p>";
+    $msg = cleanData($msg);
 
     file_put_contents("../../msg.dat", $name . $msg, FILE_APPEND);
 }
diff --git a/www/public/Moment-3/dataBas/user.php b/www/public/Moment-3&4/dataBas/user.php
similarity index 100%
rename from www/public/Moment-3/dataBas/user.php
rename to www/public/Moment-3&4/dataBas/user.php
diff --git a/www/public/Moment-3/inLoggning.php b/www/public/Moment-3&4/inLoggning.php
similarity index 75%
rename from www/public/Moment-3/inLoggning.php
rename to www/public/Moment-3&4/inLoggning.php
index f30a868..52243df 100644
--- a/www/public/Moment-3/inLoggning.php
+++ b/www/public/Moment-3&4/inLoggning.php
@@ -3,6 +3,7 @@ include('dataBas/user.php');
 include('dataBas/addUser.php');
 include('dataBas/cleanData.php');
 session_start();
+$_SESSION['CSRFToken'] = bin2hex(random_bytes(32));
 ?>
 
 <!DOCTYPE html>
@@ -47,20 +48,21 @@ session_start();
     <?php
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         if ($_POST['form_id'] === 'sign_up') {
-            $förnamn = cleandata($_POST['förnamn']);
-            $användarnamn = cleandata($_POST['användarnamn']);
-            $lösenord = cleandata($_POST['lösenord']);
-            $efternamn = cleandata($_POST['efternamn']);
+            $förnamn = filter_input(INPUT_POST, 'förnamn',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+            $användarnamn = filter_input(INPUT_POST, 'användarnamn',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+            $lösenord = password_hash($_POST['lösenord'], PASSWORD_DEFAULT);
+            $efternamn = filter_input(INPUT_POST,'efternamn',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
 
             $newUser = new user($förnamn, $efternamn, $användarnamn, $lösenord);
             addUser($newUser, $file);
         }
         if ($_POST['form_id'] === 'sign_in') {
-            $lösenord = cleandata($_POST['lösenord']);
-            $användarnamn = cleandata($_POST['användarnamn']);
+            $lösenord = $_POST['lösenord'];
+            $användarnamn = filter_input(INPUT_POST, 'användarnamn',FILTER_SANITIZE_FULL_SPECIAL_CHARS);
 
             foreach (readUserData($file) as $user) {
-                if ($lösenord == $user->getLösenord() && $användarnamn == $user->getAnvändarnamn()) {
+                if (password_verify($lösenord, $user->getLösenord()) && $användarnamn == $user->getAnvändarnamn()) { 
+                    session_regenerate_id(true);
                     $_SESSION['inloggad'] = true;    // Användaren har anget rätt uppgifter.
                     $_SESSION['förnamn'] = $user->getFörnamn();
                     $_SESSION['efternamn'] = $user->getEfternamn();
diff --git a/www/public/Moment-3/inc/aside.php b/www/public/Moment-3&4/inc/aside.php
similarity index 100%
rename from www/public/Moment-3/inc/aside.php
rename to www/public/Moment-3&4/inc/aside.php
diff --git a/www/public/Moment-3/inc/footer.php b/www/public/Moment-3&4/inc/footer.php
similarity index 100%
rename from www/public/Moment-3/inc/footer.php
rename to www/public/Moment-3&4/inc/footer.php
diff --git a/www/public/Moment-3/inc/header.php b/www/public/Moment-3&4/inc/header.php
similarity index 100%
rename from www/public/Moment-3/inc/header.php
rename to www/public/Moment-3&4/inc/header.php
diff --git a/www/public/Moment-3/inc/meny.php b/www/public/Moment-3&4/inc/meny.php
similarity index 100%
rename from www/public/Moment-3/inc/meny.php
rename to www/public/Moment-3&4/inc/meny.php
diff --git a/www/public/Moment-3/index.php b/www/public/Moment-3&4/index.php
similarity index 100%
rename from www/public/Moment-3/index.php
rename to www/public/Moment-3&4/index.php
diff --git a/www/public/Moment-3/loggOut.php b/www/public/Moment-3&4/loggOut.php
similarity index 79%
rename from www/public/Moment-3/loggOut.php
rename to www/public/Moment-3&4/loggOut.php
index fd8c66d..52c7f67 100644
--- a/www/public/Moment-3/loggOut.php
+++ b/www/public/Moment-3&4/loggOut.php
@@ -2,7 +2,7 @@
     session_start();
     
     $_SESSION = array(); // Tömmer sessionsarrayen    
-    session_destroy();
+    session_regenerate_id(true);
     
     header("Location: index.php");
 ?>
\ No newline at end of file
diff --git a/www/public/Moment-3/pages/bilder.php b/www/public/Moment-3&4/pages/bilder.php
similarity index 100%
rename from www/public/Moment-3/pages/bilder.php
rename to www/public/Moment-3&4/pages/bilder.php
diff --git a/www/public/Moment-3/pages/blogg.php b/www/public/Moment-3&4/pages/blogg.php
similarity index 100%
rename from www/public/Moment-3/pages/blogg.php
rename to www/public/Moment-3&4/pages/blogg.php
diff --git a/www/public/Moment-3&4/pages/klotter.php b/www/public/Moment-3&4/pages/klotter.php
new file mode 100644
index 0000000..2027e56
--- /dev/null
+++ b/www/public/Moment-3&4/pages/klotter.php
@@ -0,0 +1,17 @@
+<?php
+if (!(isset($_SESSION['inloggad']))) {
+    echo 'Du är inte inloggad';
+} else {
+    $Token = $_SESSION['CSRFToken'];
+    echo "<h1>Klotterplanket</h1>
+    <form method='post'>
+        <label>Meddelande</label><br>
+        <textarea name='message' cols='45' rows='5'></textarea><br />
+        <input type='hidden' name='CSRFToken' value='$Token'>
+        <input type='submit' value='Skicka'>
+    </form>";
+    include('dataBas/saveMSG.php');
+    if (file_exists("../../msg.dat")) {
+        echo file_get_contents("../../msg.dat");
+    }
+}
diff --git a/www/public/Moment-3/pages/kontakt.php b/www/public/Moment-3&4/pages/kontakt.php
similarity index 100%
rename from www/public/Moment-3/pages/kontakt.php
rename to www/public/Moment-3&4/pages/kontakt.php
diff --git a/www/public/Moment-3/pages/start.php b/www/public/Moment-3&4/pages/start.php
similarity index 100%
rename from www/public/Moment-3/pages/start.php
rename to www/public/Moment-3&4/pages/start.php
diff --git a/www/public/Moment-3/pages/klotter.php b/www/public/Moment-3/pages/klotter.php
deleted file mode 100644
index e5216fa..0000000
--- a/www/public/Moment-3/pages/klotter.php
+++ /dev/null
@@ -1,15 +0,0 @@
-<?php
-if (!(isset($_SESSION['inloggad']))) {
-    echo 'Du är inte inloggad';
-} else {
-    echo '<h1>Klotterplanket</h1>
-    <form method="post">
-        <label>Meddelande</label><br>
-        <textarea name="message" cols="45" rows="5"></textarea><br />
-        <input type="submit" value="Skicka">
-    </form>';
-    include('dataBas/saveMSG.php');
-    if (file_exists("../../msg.dat")) {
-        echo file_get_contents("../../msg.dat");
-    }
-}
diff --git a/www/public/footer.html b/www/public/footer.html
index 147c6dc..e90209b 100644
--- a/www/public/footer.html
+++ b/www/public/footer.html
@@ -1,3 +1,4 @@
 <footer>
     <a href="../index.php">Tillbaka</a>
-</footer>
\ No newline at end of file
+</footer>
+
diff --git a/www/public/index.php b/www/public/index.php
index f598c81..42abe8c 100644
--- a/www/public/index.php
+++ b/www/public/index.php
@@ -9,6 +9,6 @@
     <a href="Moment-0/index.php">Moment-0</a>
     <a href="Moment-1/index.php">Moment-1</a>
     <a href="Moment-2/index.php">Moment-2</a>
-    <a href="Moment-3/index.php">Moment-3</a>
+    <a href="Moment-3&4/index.php">Moment-3</a>
 </body>
 </html>
\ No newline at end of file
diff --git a/www/userM3.dat b/www/userM3.dat
index cf79625..e69de29 100644
Binary files a/www/userM3.dat and b/www/userM3.dat differ