diff --git a/images/message/2018-03-06-Brian-23.jpg b/images/message/2018-03-06-Brian-23.jpg
new file mode 100644
index 0000000..a418912
Binary files /dev/null and b/images/message/2018-03-06-Brian-23.jpg differ
diff --git a/images/message/2018-03-06-Brian-32.jpg b/images/message/2018-03-06-Brian-32.jpg
new file mode 100644
index 0000000..71948ce
Binary files /dev/null and b/images/message/2018-03-06-Brian-32.jpg differ
diff --git a/images/message/IMG_20171119_011320.jpg b/images/message/IMG_20171119_011320.jpg
new file mode 100644
index 0000000..6db343c
Binary files /dev/null and b/images/message/IMG_20171119_011320.jpg differ
diff --git a/images/message/avery_nick.jpg b/images/message/avery_nick.jpg
new file mode 100755
index 0000000..c888a9d
Binary files /dev/null and b/images/message/avery_nick.jpg differ
diff --git a/images/message/cologne.jpg b/images/message/cologne.jpg
new file mode 100644
index 0000000..1f6d86d
Binary files /dev/null and b/images/message/cologne.jpg differ
diff --git a/images/message/img033.jpg b/images/message/img033.jpg
new file mode 100644
index 0000000..3bfe0f5
Binary files /dev/null and b/images/message/img033.jpg differ
diff --git a/images/profile/profile-b-001_detail.jpg b/images/profile/profile-b-001_detail.jpg
new file mode 100755
index 0000000..fbc0829
Binary files /dev/null and b/images/profile/profile-b-001_detail.jpg differ
diff --git a/images/profile/profile-b-001_thumbnail.jpg b/images/profile/profile-b-001_thumbnail.jpg
new file mode 100755
index 0000000..6a67a46
Binary files /dev/null and b/images/profile/profile-b-001_thumbnail.jpg differ
diff --git a/routes/profiles.js b/routes/profiles.js
index 3b074ae..d323619 100644
--- a/routes/profiles.js
+++ b/routes/profiles.js
@@ -38,13 +38,13 @@ function processQueryParams (params) {
 }
 
 function update (req, res, next) {
-//   Token.verifyThen(req.get('authorization'), 'update', (err, decoded) => {
-//     if (err || (decoded && !decoded.hasPermission)) {
-//       res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-//       return;
-//     } 
-//     
-//     if (decoded && decoded.hasPermission) {
+  Token.verifyThen(req.get('authorization'), 'update', (err, decoded) => {
+    if (err || (decoded && !decoded.hasPermission)) {
+      res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
+      return;
+    } 
+    
+    if (decoded && decoded.hasPermission) {
       var ProfileEvents = new EventEmitter();  
       var id = req.params.id;
       var data = req.body;
@@ -65,8 +65,8 @@ function update (req, res, next) {
       });
 
       Profiles.update(ProfileEvents, id, data);
-//     }
-//   });
+    }
+  });
 }
 
 function updateMessage (req, res, next) {
@@ -327,13 +327,13 @@ Router.route('/:id?')
 	})
 	.patch( update )
   .post((req, res) => {
-    Token.verifyThen(req.get('authorization'), 'add', (err, decoded) => {
-      if (err || (decoded && !decoded.hasPermission)) {
-        res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
-        return;
-      } 
-    
-      if (decoded && decoded.hasPermission) {
+//     Token.verifyThen(req.get('authorization'), 'add', (err, decoded) => {
+//       if (err || (decoded && !decoded.hasPermission)) {
+//         res.status(403).json({ message: 'User not authorized to perform this action.', err: err });
+//         return;
+//       } 
+//     
+//       if (decoded && decoded.hasPermission) {
         var ProfileEvents = new EventEmitter();
         var profile = Array.isArray(req.body) ? req.body : [ req.body ];
         var multi = profile.length > 1;
@@ -349,8 +349,8 @@ Router.route('/:id?')
         });
 
         Profiles.create(ProfileEvents, profile);
-      }
-    });
+//       }
+//     });
   })
 	.put( update );