diff --git a/web/app/Helpers/GridHelper.php b/web/app/Helpers/GridHelper.php
index ca88131..ac6d2f1 100644
--- a/web/app/Helpers/GridHelper.php
+++ b/web/app/Helpers/GridHelper.php
@@ -38,6 +38,6 @@ class GridHelper
 	
 	public static function createScript($scripts = [], $arguments = [])
 	{
-		
+		// TODO: XlXi: this when we get the grid working with the site
 	}
 }
diff --git a/web/app/Helpers/QAaMBHelper.php b/web/app/Helpers/QAaMBHelper.php
new file mode 100644
index 0000000..42eb6b6
--- /dev/null
+++ b/web/app/Helpers/QAaMBHelper.php
@@ -0,0 +1,141 @@
+<?php
+
+/*
+	Graphictoria 2022
+	Quick Administration and Management Bar helper
+*/
+
+namespace App\Helpers;
+
+class QAaMBHelper
+{
+	public static function wmiWBemLocatorQuery($query)
+	{
+		if(class_exists('\\COM')) {
+			try {
+				$WbemLocator = new \COM( "WbemScripting.SWbemLocator" );
+				$WbemServices = $WbemLocator->ConnectServer( '127.0.0.1', 'root\CIMV2' );
+				$WbemServices->Security_->ImpersonationLevel = 3;
+				return $WbemServices->ExecQuery( $query );
+			} catch ( \com_exception $e ) {
+				echo $e->getMessage();
+			}
+		} elseif ( ! extension_loaded( 'com_dotnet' ) )
+			trigger_error( 'It seems that the COM is not enabled in your php.ini', E_USER_WARNING );
+		else {
+			$err = error_get_last();
+			trigger_error( $err['message'], E_USER_WARNING );
+		}
+
+		return false;
+	}
+
+	public static function getSystemMemoryInfo($output_key = '')
+	{
+		return cache()->remember('QAaMB-Memory-Info', 5, function(){
+			$keys = array('MemTotal', 'MemFree', 'MemAvailable', 'SwapTotal', 'SwapFree');
+			$result = array();
+
+			try {
+				if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN') {
+					// LINUX
+					
+					$proc_dir = '/proc/';
+					$data = _dir_in_allowed_path( $proc_dir ) ? @file( $proc_dir . 'meminfo' ) : false;
+					if ( is_array( $data ) )
+						foreach ( $data as $d ) {
+							if ( 0 == strlen( trim( $d ) ) )
+								continue;
+							$d = preg_split( '/:/', $d );
+							$key = trim( $d[0] );
+							if ( ! in_array( $key, $keys ) )
+								continue;
+							$value = 1000 * floatval( trim( str_replace( ' kB', '', $d[1] ) ) );
+							$result[$key] = $value;
+						}
+				} else {
+					// WINDOWS
+					
+					$wmi_found = false;
+					if ( $wmi_query = self::wmiWBemLocatorQuery( 
+						"SELECT FreePhysicalMemory,FreeVirtualMemory,TotalSwapSpaceSize,TotalVirtualMemorySize,TotalVisibleMemorySize FROM Win32_OperatingSystem" ) ) {
+						foreach($wmi_query as $r) {
+							$result['MemFree'] = $r->FreePhysicalMemory * 1024;
+							$result['MemAvailable'] = $r->FreeVirtualMemory * 1024;
+							$result['SwapFree'] = $r->TotalSwapSpaceSize * 1024;
+							$result['SwapTotal'] = $r->TotalVirtualMemorySize * 1024;
+							$result['MemTotal'] = $r->TotalVisibleMemorySize * 1024;
+							$wmi_found = true;
+						}
+					}
+				}
+			} catch(Exception $e) {
+				echo $e->getMessage();
+			}
+			return empty($output_key) || !isset($result[$output_key]) ? $result : $result[$output_key];
+		});
+	}
+	
+	public static function getSystemCpuInfo($output_key = '')
+	{
+		return cache()->remember('QAaMB-Cpu-Info', 5, function(){
+			$result = 0;
+
+			try {
+				if (strtoupper(substr(PHP_OS, 0, 3)) != 'WIN') {
+					// LINUX
+					
+					return sys_getloadavg();
+				} else {
+					// WINDOWS
+					
+					$wmi_found = false;
+					if ( $wmi_query = self::wmiWBemLocatorQuery( 
+						"SELECT LoadPercentage FROM Win32_Processor" ) ) {
+						foreach($wmi_query as $r) {
+							$result = $r->LoadPercentage / 100;
+							$wmi_found = true;
+						}
+					}
+				}
+			} catch(Exception $e) {
+				echo $e->getMessage();
+			}
+			return empty($output_key) || !isset($result[$output_key]) ? $result : $result[$output_key];
+		});
+	}
+	
+	public static function memoryString($memory)
+	{
+		$unit = array('B', 'KB', 'MB', 'GB', 'TB', 'PB');
+		return @round($memory/pow(1024,($i=floor(log($memory,1024)))),2).' '.$unit[$i];
+	}
+	
+	public static function getMemoryUsage()
+	{
+		$memoryInfo = self::getSystemMemoryInfo();
+		
+		return sprintf(
+			'%s of %s (%s%%) <br/> %s Free',
+			self::memoryString($memoryInfo['MemTotal'] - $memoryInfo['MemFree']),
+			self::memoryString($memoryInfo['MemTotal']),
+			round(self::getMemoryPercentage() * 100),
+			self::memoryString($memoryInfo['MemFree'])
+		);
+	}
+	
+	public static function getMemoryPercentage()
+	{
+		$memoryInfo = self::getSystemMemoryInfo();
+		
+		return ($memoryInfo['MemTotal'] - $memoryInfo['MemFree']) / $memoryInfo['MemTotal'];
+	}
+	
+	public static function getCpuUsage()
+	{
+		return sprintf(
+			'%s%% CPU Usage',
+			round(self::getSystemCpuInfo() * 100)
+		);
+	}
+}
diff --git a/web/app/Http/Controllers/Api/CommentsController.php b/web/app/Http/Controllers/Api/CommentsController.php
index a5f5c80..4de98f2 100644
--- a/web/app/Http/Controllers/Api/CommentsController.php
+++ b/web/app/Http/Controllers/Api/CommentsController.php
@@ -47,11 +47,10 @@ class CommentsController extends Controller
 		
 		foreach($comments as $comment) {
 			// TODO: XlXi: user profile link
-			// TODO: XlXi: user thumbnail
 			$poster = [
 				'name' => $comment->user->username,
 				'thumbnail' => 'https://www.gtoria.local/images/testing/headshot.png',
-				'url' => 'https://gtoria.local/todo123'
+				'url' => $comment->user->getProfileUrl()
 			];
 			
 			$postDate = $comment['updated_at'];
diff --git a/web/app/Http/Controllers/Api/FeedController.php b/web/app/Http/Controllers/Api/FeedController.php
index 47f0ea1..77179e4 100644
--- a/web/app/Http/Controllers/Api/FeedController.php
+++ b/web/app/Http/Controllers/Api/FeedController.php
@@ -38,12 +38,11 @@ class FeedController extends Controller
 			if($post['poster_type'] == 'user') {
 				$user = User::where('id', $post['poster_id'])->first();
 				
-				// TODO: XlXi: user profile link
 				$poster = [
 					'type' => 'User',
 					'name' => $user->username,
 					'thumbnail' => 'https://www.gtoria.local/images/testing/headshot.png',
-					'url' => 'https://gtoria.local/todo123'
+					'url' => $user->getProfileUrl()
 				];
 			}
 			
diff --git a/web/app/Http/Controllers/Api/ShopController.php b/web/app/Http/Controllers/Api/ShopController.php
index f9a9ede..1d7f313 100644
--- a/web/app/Http/Controllers/Api/ShopController.php
+++ b/web/app/Http/Controllers/Api/ShopController.php
@@ -72,12 +72,11 @@ class ShopController extends Controller
 		foreach($assets as $asset) {
 			$creator = $asset->user;
 			
-			// TODO: XlXi: creator profile url
 			array_push($data, [
 				'Name' => $asset->name,
 				'Creator' => [
 					'Name' => $creator->username,
-					'Url' => 'todo123'
+					'Url' => $creator->getProfileUrl()
 				],
 				'Thumbnail' => $asset->getThumbnail(),
 				'Url' => route('shop.asset', ['asset' => $asset->id, 'assetName' => Str::slug($asset->name, '-')])
diff --git a/web/app/Http/Controllers/Web/ProfileController.php b/web/app/Http/Controllers/Web/ProfileController.php
new file mode 100644
index 0000000..f33b60a
--- /dev/null
+++ b/web/app/Http/Controllers/Web/ProfileController.php
@@ -0,0 +1,19 @@
+<?php
+
+namespace App\Http\Controllers\Web;
+
+use Illuminate\Http\Request;
+
+use App\Http\Controllers\Controller;
+use App\Models\User;
+
+class ProfileController extends Controller
+{
+    protected function index(Request $request, User $user)
+	{
+		return view('web.user.profile')->with([
+			'title' => sprintf('Profile of %s', $user->username),
+			'user' => $user
+		]);
+	}
+}
diff --git a/web/app/Http/Controllers/Web/TestController.php b/web/app/Http/Controllers/Web/TestController.php
new file mode 100644
index 0000000..3181e6b
--- /dev/null
+++ b/web/app/Http/Controllers/Web/TestController.php
@@ -0,0 +1,35 @@
+<?php
+
+namespace App\Http\Controllers\Web;
+
+use Illuminate\Http\Request;
+
+use App\Http\Controllers\Controller;
+use App\Grid\SoapService;
+
+class TestController extends Controller
+{
+	/**
+	 * @return Response
+	 */
+	public function generateThumbnail()
+	{
+		$testScript = <<<TestScript
+		settings()["Task Scheduler"].ThreadPoolConfig = Enum.ThreadPoolConfig.PerCore4;
+		game:GetService("ContentProvider"):SetThreadPool(16)
+		game:GetService("Stats"):SetReportUrl("http://api.gtoria.net/teststat")
+		
+		local p = game:GetService("Players"):CreateLocalPlayer(0)
+		p.CharacterAppearance = "http://api.gtoria.net/user/getCharacter.php?key=D869593BF742A42F79915993EF1DB&mode=ch&sid=1&uid=1"
+		p:LoadCharacter(false)
+		
+		return game:GetService("ThumbnailGenerator"):Click("PNG", 420, 420, true, false)
+TestScript;
+		
+		$test = new SoapService('http://192.168.0.3:64989');
+		$result = $test->OpenJob(SoapService::MakeJobJSON('test', 10, 0, 0, 'test render', $testScript));
+		
+		return response(base64_decode($result->OpenJobExResult->LuaValue[0]->value))
+				->header('Content-Type', 'image/png');
+	}
+}
\ No newline at end of file
diff --git a/web/app/Http/Middleware/Administrator.php b/web/app/Http/Middleware/Administrator.php
new file mode 100644
index 0000000..7d8c80e
--- /dev/null
+++ b/web/app/Http/Middleware/Administrator.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use Closure;
+use Illuminate\Http\Request;
+
+class Administrator
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure(\Illuminate\Http\Request): (\Illuminate\Http\Response|\Illuminate\Http\RedirectResponse)  $next
+     * @return \Illuminate\Http\Response|\Illuminate\Http\RedirectResponse
+     */
+    public function handle(Request $request, Closure $next)
+    {
+		if (Auth::user()->isAdmin())
+			return $next($request);
+		
+		return abort(403);
+    }
+}
diff --git a/web/app/Models/Roleset.php b/web/app/Models/Roleset.php
new file mode 100644
index 0000000..8d0dc85
--- /dev/null
+++ b/web/app/Models/Roleset.php
@@ -0,0 +1,11 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+
+class Roleset extends Model
+{
+    use HasFactory;
+}
diff --git a/web/app/Models/User.php b/web/app/Models/User.php
index 1fad0da..7c870c0 100644
--- a/web/app/Models/User.php
+++ b/web/app/Models/User.php
@@ -10,6 +10,8 @@ use Illuminate\Support\Facades\Auth;
 use Laravel\Sanctum\HasApiTokens;
 
 use App\Notifications\ResetPasswordNotification;
+use App\Models\UserRoleset;
+use App\Models\Roleset;
 use App\Models\Friend;
 
 class User extends Authenticatable implements MustVerifyEmail
@@ -65,4 +67,46 @@ class User extends Authenticatable implements MustVerifyEmail
 		return Friend::where('receiver_id', Auth::user()->id)
 						->where('accepted', false);
 	}
+	
+	public function getProfileUrl()
+	{
+		return route('user.profile', ['user' => $this->id]);
+	}
+	
+	public function _hasRolesetInternal($roleName)
+	{
+		$roleset = Roleset::where('Name', $roleName)->first();
+		if(
+			UserRoleset::where('Roleset_id', $roleset->id)
+						->where('User_id', Auth::user()->id)
+						->exists()
+		)
+			return true;
+		
+		return false;
+	}
+	
+	public function hasRoleset($roleName)
+	{
+		if(!Auth::check())
+			return false;
+		
+		$roleName = strtolower($roleName);
+		
+		// Special cases for Owner and Administrator rolesets
+		if($roleName == 'moderator') {
+			return (
+				$this->_hasRolesetInternal('Owner') ||
+				$this->_hasRolesetInternal('Administrator') ||
+				$this->_hasRolesetInternal('Moderator')
+			);
+		} elseif($roleName == 'administrator') {
+			return (
+				$this->_hasRolesetInternal('Owner') ||
+				$this->_hasRolesetInternal('Administrator')
+			);
+		}
+		
+		return $this->_hasRolesetInternal($roleName);
+	}
 }
diff --git a/web/app/Models/UserRoleset.php b/web/app/Models/UserRoleset.php
new file mode 100644
index 0000000..282af08
--- /dev/null
+++ b/web/app/Models/UserRoleset.php
@@ -0,0 +1,21 @@
+<?php
+
+namespace App\Models;
+
+use Illuminate\Database\Eloquent\Factories\HasFactory;
+use Illuminate\Database\Eloquent\Model;
+
+class UserRoleset extends Model
+{
+    use HasFactory;
+	
+	public function roleset()
+    {
+        return $this->belongsTo(Roleset::class, 'Roleset_id');
+    }
+	
+	public function user()
+    {
+        return $this->belongsTo(User::class, 'User_id');
+    }
+}
diff --git a/web/app/Providers/AppServiceProvider.php b/web/app/Providers/AppServiceProvider.php
index 5990509..34fc9ce 100644
--- a/web/app/Providers/AppServiceProvider.php
+++ b/web/app/Providers/AppServiceProvider.php
@@ -2,7 +2,7 @@
 
 namespace App\Providers;
 
-use Illuminate\Support\Facades\Request;
+use Illuminate\Support\Facades\Blade;
 use Illuminate\Support\ServiceProvider;
 
 class AppServiceProvider extends ServiceProvider
@@ -24,6 +24,28 @@ class AppServiceProvider extends ServiceProvider
      */
     public function boot()
     {
-		//
+		Blade::directive('owner', function() {
+            return '<?php if(Auth::check() && Auth::user()->hasRoleset(\'Owner\')): ?>';
+        });
+		
+		Blade::directive('endowner', function() {
+            return '<?php endif; ?>';
+        });
+		
+		Blade::directive('admin', function() {
+            return '<?php if(Auth::check() && Auth::user()->hasRoleset(\'Administrator\')): ?>';
+        });
+		
+		Blade::directive('endadmin', function() {
+            return '<?php endif; ?>';
+        });
+		
+		Blade::directive('moderator', function() {
+            return '<?php if(Auth::check() && Auth::user()->hasRoleset(\'Moderator\')): ?>';
+        });
+		
+		Blade::directive('endmoderator', function() {
+            return '<?php endif; ?>';
+        });
     }
 }
diff --git a/web/database/migrations/2022_08_04_193626_create_rolesets_table.php b/web/database/migrations/2022_08_04_193626_create_rolesets_table.php
new file mode 100644
index 0000000..b637c43
--- /dev/null
+++ b/web/database/migrations/2022_08_04_193626_create_rolesets_table.php
@@ -0,0 +1,32 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::create('rolesets', function (Blueprint $table) {
+            $table->id();
+			$table->string('Name');
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::dropIfExists('rolesets');
+    }
+};
diff --git a/web/database/migrations/2022_08_04_211729_create_user_rolesets_table.php b/web/database/migrations/2022_08_04_211729_create_user_rolesets_table.php
new file mode 100644
index 0000000..99c4853
--- /dev/null
+++ b/web/database/migrations/2022_08_04_211729_create_user_rolesets_table.php
@@ -0,0 +1,33 @@
+<?php
+
+use Illuminate\Database\Migrations\Migration;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Support\Facades\Schema;
+
+return new class extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::create('user_rolesets', function (Blueprint $table) {
+            $table->id();
+			$table->unsignedBigInteger('Roleset_id');
+			$table->unsignedBigInteger('User_id');
+            $table->timestamps();
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::dropIfExists('user_rolesets');
+    }
+};
diff --git a/web/database/seeders/DatabaseSeeder.php b/web/database/seeders/DatabaseSeeder.php
index 6639aea..6a1c73a 100644
--- a/web/database/seeders/DatabaseSeeder.php
+++ b/web/database/seeders/DatabaseSeeder.php
@@ -16,7 +16,8 @@ class DatabaseSeeder extends Seeder
     {
         $this->call([
 			//FFlagSeeder::class,
-			WebConfigurationSeeder::class
+			WebConfigurationSeeder::class,
+			RolesetSeeder::class
 		]);
     }
 }
diff --git a/web/database/seeders/RolesetSeeder.php b/web/database/seeders/RolesetSeeder.php
new file mode 100644
index 0000000..c3c3e41
--- /dev/null
+++ b/web/database/seeders/RolesetSeeder.php
@@ -0,0 +1,26 @@
+<?php
+
+namespace Database\Seeders;
+
+use Illuminate\Database\Seeder;
+
+use App\Models\Roleset;
+
+class RolesetSeeder extends Seeder
+{
+    /**
+     * Run the database seeds.
+     *
+     * @return void
+     */
+    public function run()
+    {
+        Roleset::create(['name' => 'Owner']);
+        Roleset::create(['name' => 'Administrator']);
+        Roleset::create(['name' => 'Moderator']);
+        Roleset::create(['name' => 'ProtectedUser']);
+        Roleset::create(['name' => 'BetaTester']);
+        Roleset::create(['name' => 'QATester']);
+        Roleset::create(['name' => 'Soothsayer']);
+    }
+}
diff --git a/web/resources/js/components/ThumbnailToolbar.js b/web/resources/js/components/ThumbnailToolbar.js
new file mode 100644
index 0000000..e69de29
diff --git a/web/resources/views/layouts/nav.blade.php b/web/resources/views/layouts/nav.blade.php
index a504409..8e326e9 100644
--- a/web/resources/views/layouts/nav.blade.php
+++ b/web/resources/views/layouts/nav.blade.php
@@ -17,108 +17,217 @@
 	];
 @endphp
 
-<div class="navbar graphictoria-navbar fixed-top navbar-expand-md shadow-sm">
-	<div class="container-md">
-		@live
-			<a class="navbar-brand" href="/">
-				<img src="{{ asset('/images/logo.png') }}" alt="Graphictoria" width="43" height="43" draggable="false"/>
-			</a>
-		@else
-			<i class="navbar-brand">
-				<img src="{{ asset('/images/logo.png') }}" alt="Graphictoria" width="43" height="43" draggable="false"/>
-			</i>
-		@endlive
-		@live
-			<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#graphictoria-nav" aria-controls="graphictoria-nav" aria-expanded="false" aria-label="Toggle navigation">
-				<span class="navbar-toggler-icon"></span>
-			</button>
-		@endlive
-		@live
-			<div class="collapse navbar-collapse" id="graphictoria-nav">
-		@endlive
-			<ul class="navbar-nav me-auto">
-				@live
-					@foreach($routes as $route)
-						@php
-							$route = (object)$route;
-						@endphp
-						<li class="nav-item">
-							<a @class(['nav-link', 'active'=>str_starts_with(Request::path(), $route->location)]) href="{{ url('/' . $route->location) }}">{{ $route->label }}</a>
-						</li>
-					@endforeach
-					<li class="nav-item dropdown">
-						<a class="nav-link dropdown-toggle" href="#" id="graphictoria-nav-dropdown" role="button" data-bs-toggle="dropdown" area-expanded="false">More</a>
-						<ul class="dropdown-menu graphictoria-nav-dropdown" area-labelledby="graphictoria-nav-dropdown">
-							@auth
-								<li><a @class(['dropdown-item', 'active'=>str_starts_with(Request::path(), 'my/create')]) href="{{ url('/my/create') }}">Create</a></li>
-							@endauth
-							<li><a @class(['dropdown-item', 'active'=>str_starts_with(Request::path(), 'groups')]) href="{{ url('/groups') }}">Groups</a></li>
-							<li><a @class(['dropdown-item', 'active'=>str_starts_with(Request::path(), 'users')]) href="{{ url('/users') }}">Users</a></li>
-							<li><hr class="dropdown-divider"></li>
-							<li><a class="dropdown-item" href="https://discord.gg/q666a2sF6d" target="_blank" rel="noreferrer">Discord</a></li>
-							<li><a class="dropdown-item" href="https://blog.gtoria.net" target="_blank" rel="noreferrer">Blog</a></li>
-						</ul>
-					</li>
-				@else
-					<li class="nav-item">
-						<a class="nav-link" href="https://discord.gg/q666a2sF6d" target="_blank" rel="noreferrer">Discord</a>
-					</li>
-				@endlive
-			</ul>
-			@live
-				@auth
-					<div id="graphictoria-nav-searchbar" class="graphictoria-search"></div>
-					<ul class="navbar-nav ms-auto me-2">
-						<li class="nav-item">
-							{{-- TODO: XlXi: messages and notifications --}}
-							<a @class(['nav-link', 'active'=>str_starts_with(Request::path(), 'my/friends')]) href="{{ url('/my/friends') }}" data-bs-toggle="tooltip" data-bs-placement="bottom" title="Friends">
-								@php
-									$friendRequestCount = Auth::user()->getFriendRequests()->count();
-								@endphp
-								@if($friendRequestCount > 0)
-									<span class="position-relative top-0 start-100 translate-middle badge rounded-pill bg-danger">
-										{{
-											$friendRequestCount > 99 ? '99+' : $friendRequestCount
-										}}
+<div class="fixed-top">
+	@live
+		@moderator
+			<style>
+				@media (min-width: 768px) {
+					.graphictoria-admin-nav > .nav-item:not(:first-child) {
+						border-left: 1px solid #666;
+					}
+				}
+				
+				@media (max-width: 768px) {
+					.graphictoria-admin-nav {
+						flex-direction: unset;
+						flex-wrap: wrap;
+					}
+					.graphictoria-admin-nav > .nav-item {
+						padding: 0 8px 0 8px;
+					}
+				}
+				
+				.graphictoria-admin-nav > .nav-item > a,
+				.graphictoria-admin-nav > .nav-item > p,
+				.graphictoria-admin-nav > .nav-item > span
+				{
+					color: #ccc;
+				}
+				
+				.graphictoria-admin-nav > .nav-item > a:hover {
+					color: #eee;
+				}
+				
+				.graphictoria-admin-memorybar {
+					width: 100px;
+					height: 10px;
+				}
+			</style>
+			<div class="navbar navbar-dark bg-dark border-0 py-1">
+				<div class="container-md navbar-expand-md text-light">
+					<span class="badge rounded-pill bg-secondary" data-bs-toggle="tooltip" data-bs-placement="bottom" title="Graphictoria Quick Administration and Management Bar">QAaMB</span>
+					<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#graphictoria-admin-nav" aria-controls="graphictoria-admin-nav" aria-expanded="false" aria-label="Toggle navigation" style="font-size: 14px;">
+						<span>Toggle</span>
+					</button>
+					<div class="collapse navbar-collapse" id="graphictoria-admin-nav">
+						<ul class="navbar-nav graphictoria-admin-nav ms-auto">
+							@yield('quick-admin')
+							<li class="nav-item">
+								{{-- TODO: XlXi: Make this use route() --}}
+								<a href="{{ url('/admin') }}" class="nav-link py-0"><i class="fa-solid fa-gavel"></i></a>
+							</li>
+							@admin
+								<li class="nav-item" data-bs-toggle="tooltip" data-bs-placement="bottom" data-bs-html="true" title="<strong>Only accurate at page load</strong><br/>{{ \App\Helpers\QAaMBHelper::getMemoryUsage() }}">
+									<span class="px-md-2 d-flex" style="height:24px;">
+										<div class="my-auto rounded-1 bg-secondary border border-light right-0 me-1 position-relative graphictoria-admin-memorybar">
+											@php
+												$admin_memorybar_color = 'bg-primary';
+												$admin_memorybar_usage = \App\Helpers\QAaMBHelper::getMemoryPercentage() * 100;
+												
+												if($admin_memorybar_usage <= 25)
+													$admin_memorybar_color = 'bg-success'; // Green
+												elseif($admin_memorybar_usage > 25 && $admin_memorybar_usage <= 75)
+													$admin_memorybar_color = 'bg-warning'; // Orange
+												elseif($admin_memorybar_usage > 75)
+													$admin_memorybar_color = 'bg-danger';  // Red
+											@endphp
+											<div
+												class="{{ $admin_memorybar_color }} rounded-1 position-absolute graphictoria-admin-memorybar"
+												style="width:{{ $admin_memorybar_usage }}px!important;height:8px!important;"
+											></div>
+										</div>
+										<i class="my-auto fa-solid fa-gear"></i>
 									</span>
-								@endif
-								<i class="fa-solid fa-user-group"></i>
-							</a>
-						</li>
-					</ul>
-					<div class="d-md-flex">
-						<p class="my-auto me-2 text-muted" style="color:#e59800!important;font-weight:bold">
-							<span data-bs-toggle="tooltip" data-bs-placement="bottom" title="You have {{ number_format(Auth::user()->tokens) }} tokens. Your next reward is in {{ Auth::user()->next_reward->diffForHumans(['syntax' => Carbon\CarbonInterface::DIFF_ABSOLUTE]) }}.">
-								<img src="{{ asset('images/symbols/token.svg') }}" height="20" width="20" class="img-fluid me-1" style="margin-top:-1px" />{{ \App\Helpers\NumberHelper::Abbreviate(Auth::user()->tokens) }}
-							</span>
-						</p>
-						<div class="dropdown">
-							<a class="nav-link dropdown-toggle graphictoria-user-dropdown px-0 px-md-3" href="#" id="graphictoria-user-dropdown" role="button" data-bs-toggle="dropdown" area-expanded="false">
-								<span class="d-flex align-items-center">
-									<img src="{{ asset('images/testing/headshot.png') }}" class="img-fluid border me-1 graphictora-user-circle" width="37" height="37">
-									<p>{{ Auth::user()->username }}</p>
-								</span>
-							</a>
-							<ul class="dropdown-menu graphictoria-user-dropdown" area-labelledby="graphictoria-user-dropdown">
-								<li><a class="dropdown-item" href="{{ url('/todo123') }}">Profile</a></li>
-								<li><a class="dropdown-item" href="{{ url('/todo123') }}">Character</a></li>
-								<li><a class="dropdown-item" href="{{ url('/my/settings') }}">Settings</a></li>
-								<li><hr class="dropdown-divider"></li>
-								<li><a class="dropdown-item" href="{{ url('/logout') }}">Sign out</a></li>
-							</ul>
-						</div>
+								</li>
+								<li class="nav-item" data-bs-toggle="tooltip" data-bs-placement="bottom" data-bs-html="true" title="<strong>Only accurate at page load</strong><br/>{{ \App\Helpers\QAaMBHelper::getCpuUsage() }}">
+									<span class="px-md-2 d-flex" style="height:24px;">
+										<div class="my-auto rounded-1 bg-secondary border border-light right-0 me-1 position-relative graphictoria-admin-memorybar">
+											@php
+												$admin_cpubar_color = 'bg-primary';
+												$admin_cpubar_usage = \App\Helpers\QAaMBHelper::getSystemCpuInfo() * 100;
+												
+												if($admin_cpubar_usage <= 25)
+													$admin_cpubar_color = 'bg-success'; // Green
+												elseif($admin_cpubar_usage > 25 && $admin_cpubar_usage <= 75)
+													$admin_cpubar_color = 'bg-warning'; // Orange
+												elseif($admin_cpubar_usage > 75)
+													$admin_cpubar_color = 'bg-danger';  // Red
+											@endphp
+											<div
+												class="{{ $admin_cpubar_color }} rounded-1 position-absolute graphictoria-admin-memorybar"
+												style="width:{{ $admin_cpubar_usage }}px!important;height:8px!important;"
+											></div>
+										</div>
+										<i class="my-auto fa-solid fa-microchip"></i>
+									</span>
+								</li>
+							@endadmin
+						</ul>
 					</div>
-				@else
-					<a class="btn btn-success" href="/login">Login / Sign up</a>
-				@endauth
-			@endlive
-		@live
-			{{-- graphictoria-nav --}}
+				</div>
 			</div>
-		@endlive
+		@endmoderator
+	@endlive
+	<div
+		class="navbar graphictoria-navbar navbar-expand-md shadow-sm"
+	>
+		<div class="container-md">
+			@live
+				<a class="navbar-brand" href="/">
+					<img src="{{ asset('/images/logo.png') }}" alt="Graphictoria" width="43" height="43" draggable="false"/>
+				</a>
+			@else
+				<i class="navbar-brand">
+					<img src="{{ asset('/images/logo.png') }}" alt="Graphictoria" width="43" height="43" draggable="false"/>
+				</i>
+			@endlive
+			@live
+				<button class="navbar-toggler" type="button" data-bs-toggle="collapse" data-bs-target="#graphictoria-nav" aria-controls="graphictoria-nav" aria-expanded="false" aria-label="Toggle navigation">
+					<span class="navbar-toggler-icon"></span>
+				</button>
+			@endlive
+			@live
+				<div class="collapse navbar-collapse" id="graphictoria-nav">
+			@endlive
+				<ul class="navbar-nav me-auto">
+					@live
+						@foreach($routes as $route)
+							@php
+								$route = (object)$route;
+							@endphp
+							<li class="nav-item">
+								<a @class(['nav-link', 'active'=>str_starts_with(Request::path(), $route->location)]) href="{{ url('/' . $route->location) }}">{{ $route->label }}</a>
+							</li>
+						@endforeach
+						<li class="nav-item dropdown">
+							<a class="nav-link dropdown-toggle" href="#" id="graphictoria-nav-dropdown" role="button" data-bs-toggle="dropdown" area-expanded="false">More</a>
+							<ul class="dropdown-menu graphictoria-nav-dropdown" area-labelledby="graphictoria-nav-dropdown">
+								@auth
+									<li><a @class(['dropdown-item', 'active'=>str_starts_with(Request::path(), 'my/create')]) href="{{ url('/my/create') }}">Create</a></li>
+								@endauth
+								<li><a @class(['dropdown-item', 'active'=>str_starts_with(Request::path(), 'groups')]) href="{{ url('/groups') }}">Groups</a></li>
+								<li><a @class(['dropdown-item', 'active'=>str_starts_with(Request::path(), 'users')]) href="{{ url('/users') }}">Users</a></li>
+								<li><hr class="dropdown-divider"></li>
+								<li><a class="dropdown-item" href="https://discord.gg/q666a2sF6d" target="_blank" rel="noreferrer">Discord</a></li>
+								<li><a class="dropdown-item" href="https://blog.gtoria.net" target="_blank" rel="noreferrer">Blog</a></li>
+							</ul>
+						</li>
+					@else
+						<li class="nav-item">
+							<a class="nav-link" href="https://discord.gg/q666a2sF6d" target="_blank" rel="noreferrer">Discord</a>
+						</li>
+					@endlive
+				</ul>
+				@live
+					@auth
+						<div id="graphictoria-nav-searchbar" class="graphictoria-search"></div>
+						<ul class="navbar-nav ms-auto me-2">
+							<li class="nav-item">
+								{{-- TODO: XlXi: messages and notifications --}}
+								<a @class(['nav-link', 'active'=>str_starts_with(Request::path(), 'my/friends')]) href="{{ url('/my/friends') }}" data-bs-toggle="tooltip" data-bs-placement="bottom" title="Friends">
+									@php
+										$friendRequestCount = Auth::user()->getFriendRequests()->count();
+									@endphp
+									@if($friendRequestCount > 0)
+										<span class="position-relative top-0 start-100 translate-middle badge rounded-pill bg-danger">
+											{{
+												$friendRequestCount > 99 ? '99+' : $friendRequestCount
+											}}
+										</span>
+									@endif
+									<i class="fa-solid fa-user-group"></i>
+								</a>
+							</li>
+						</ul>
+						<div class="d-md-flex">
+							<p class="my-auto me-2 text-muted" style="color:#e59800!important;font-weight:bold">
+								<span data-bs-toggle="tooltip" data-bs-placement="bottom" title="You have {{ number_format(Auth::user()->tokens) }} tokens. Your next reward is in {{ Auth::user()->next_reward->diffForHumans(['syntax' => Carbon\CarbonInterface::DIFF_ABSOLUTE]) }}.">
+									<img src="{{ asset('images/symbols/token.svg') }}" height="20" width="20" class="img-fluid me-1" style="margin-top:-1px" />{{ \App\Helpers\NumberHelper::Abbreviate(Auth::user()->tokens) }}
+								</span>
+							</p>
+							<div class="dropdown">
+								<a class="nav-link dropdown-toggle graphictoria-user-dropdown px-0 px-md-3" href="#" id="graphictoria-user-dropdown" role="button" data-bs-toggle="dropdown" area-expanded="false">
+									<span class="d-flex align-items-center">
+										<img src="{{ asset('images/testing/headshot.png') }}" class="img-fluid border me-1 graphictora-user-circle" width="37" height="37">
+										<p>{{ Auth::user()->username }}</p>
+									</span>
+								</a>
+								<ul class="dropdown-menu graphictoria-user-dropdown" area-labelledby="graphictoria-user-dropdown">
+									<li><a class="dropdown-item" href="{{ Auth::user()->getProfileUrl() }}">Profile</a></li>
+									<li><a class="dropdown-item" href="{{ url('/todo123') }}">Character</a></li>
+									<li><a class="dropdown-item" href="{{ url('/my/settings') }}">Settings</a></li>
+									<li><hr class="dropdown-divider"></li>
+									<li><a class="dropdown-item" href="{{ url('/logout') }}">Sign out</a></li>
+								</ul>
+							</div>
+						</div>
+					@else
+						<a class="btn btn-success" href="/login">Login / Sign up</a>
+					@endauth
+				@endlive
+			@live
+				{{-- graphictoria-nav --}}
+				</div>
+			@endlive
+		</div>
 	</div>
 </div>
-<div class="graphictoria-nav-margin"></div>
+<div
+	class="graphictoria-nav-margin"
+	@moderator
+	style="padding-top:32px"
+	@endmoderator
+></div>
 @foreach(App\Models\Banner::all() as $banner)
 	<div @class(['alert', 'alert-' . $banner->style, 'graphictoria-alert', 'alert-dismissible' => $banner->dismissable])>
 		<p class="mb-0">{{ \App\Helpers\MarkdownHelper::parse($banner->message) }}</p>
diff --git a/web/resources/views/web/auth/forgot-password.blade.php b/web/resources/views/web/auth/forgot-password.blade.php
index 1218425..b4c139e 100644
--- a/web/resources/views/web/auth/forgot-password.blade.php
+++ b/web/resources/views/web/auth/forgot-password.blade.php
@@ -34,7 +34,7 @@
 				<form method="POST" action="{{ route('auth.password.forgot-submit') }}">
 					@csrf
 					@foreach($fields as $field => $label)
-						<input type="{{ $field }}" @class(['form-control', 'mb-2', 'is-invalid'=>($errors->first($field) != null)]) placeholder="{{ $label }}" name="{{ $field }}" :value="old($field)" />
+						<input type="{{ $field }}" @class(['form-control', 'mb-2', 'is-invalid'=>($errors->first($field) != null)]) placeholder="{{ $label }}" name="{{ $field }}" value="{{ old($field) }}" />
 					@endforeach
 					<a href="{{ route('auth.login.index') }}" class="btn btn-secondary px-5" ><i class="fa-solid fa-angles-left"></i> Back</a>&nbsp;
 					<button class="btn btn-primary px-5" type="submit">Send Reset Link</button>
diff --git a/web/resources/views/web/auth/login.blade.php b/web/resources/views/web/auth/login.blade.php
index 49881b4..56c658e 100644
--- a/web/resources/views/web/auth/login.blade.php
+++ b/web/resources/views/web/auth/login.blade.php
@@ -33,7 +33,7 @@
 					<form method="POST" action="{{ route('auth.login.submit') }}">
 						@csrf
 						@foreach($fields as $field => $label)
-							<input type="{{ $field }}" @class(['form-control', 'mb-2', 'is-invalid'=>($errors->first($field) != null)]) placeholder="{{ $label }}" name="{{ $field }}" :value="old($field)" />
+							<input type="{{ $field }}" @class(['form-control', 'mb-2', 'is-invalid'=>($errors->first($field) != null)]) placeholder="{{ $label }}" name="{{ $field }}" value="{{ old($field) }}" />
 						@endforeach
 						<div class="mb-2">
 							<input class="form-check-input" type="checkbox" value="" id="remember" name="remember">
diff --git a/web/resources/views/web/auth/register.blade.php b/web/resources/views/web/auth/register.blade.php
index 9c027b4..53cc177 100644
--- a/web/resources/views/web/auth/register.blade.php
+++ b/web/resources/views/web/auth/register.blade.php
@@ -33,7 +33,7 @@
 				<form method="POST" action="{{ route('auth.register.submit') }}">
 					@csrf
 					@foreach($fields as $field => $label)
-						<input type="{{ $field == 'password_confirmation' ? 'password' : $field }}" @class(['form-control', 'mb-2', 'is-invalid'=>($errors->first($field) != null)]) placeholder="{{ $label }}" name="{{ $field }}" :value="old($field)" />
+						<input type="{{ $field == 'password_confirmation' ? 'password' : $field }}" @class(['form-control', 'mb-2', 'is-invalid'=>($errors->first($field) != null)]) placeholder="{{ $label }}" name="{{ $field }}" value="{{ old($field) }}" />
 					@endforeach
 					<button class="btn btn-success px-5 mt-3" type="submit">Sign Up</button>
 				</form>
diff --git a/web/resources/views/web/auth/reset-password.blade.php b/web/resources/views/web/auth/reset-password.blade.php
index 372a19d..14a0249 100644
--- a/web/resources/views/web/auth/reset-password.blade.php
+++ b/web/resources/views/web/auth/reset-password.blade.php
@@ -27,7 +27,7 @@
 					@csrf
 					<input type="hidden" name="token" value="{{ $request->route('token') }}" />
 					@foreach($fields as $field => $label)
-						<input type="{{ $field == 'password_confirmation' ? 'password' : $field }}" @class(['form-control', 'mb-2', 'is-invalid'=>($errors->first($field) != null)]) placeholder="{{ $label }}" name="{{ $field }}" :value="old($field)" />
+						<input type="{{ $field == 'password_confirmation' ? 'password' : $field }}" @class(['form-control', 'mb-2', 'is-invalid'=>($errors->first($field) != null)]) placeholder="{{ $label }}" name="{{ $field }}" value="{{ old($field) }}" />
 					@endforeach
 					<button class="btn btn-primary px-5" type="submit">Change Password</button>
 				</form>
diff --git a/web/resources/views/web/shop/asset.blade.php b/web/resources/views/web/shop/asset.blade.php
index f5c690a..bf5e655 100644
--- a/web/resources/views/web/shop/asset.blade.php
+++ b/web/resources/views/web/shop/asset.blade.php
@@ -6,6 +6,13 @@
 <script src="{{ mix('js/Item.js') }}"></script>
 @endsection
 
+@section('quick-admin')
+<li class="nav-item">
+	{{-- TODO: XlXi: Make this use route() --}}
+	<a href="{{ url('/admin/moderate?id=' . $asset->id . '&type=asset') }}" class="nav-link py-0">Moderate Asset</a>
+</li>
+@endsection
+
 @section('content')
 <div class="container mx-auto py-5">
 	@if(!$asset->approved)
@@ -29,12 +36,18 @@
 			<div class="card-body">
 				<div class="d-flex">
 					<div class="pe-4">
-						<img src={{ asset('images/testing/hat.png') }} alt="{{ $asset->name }}" class="border img-fluid" />
+						<div class="border-1 position-relative">
+							<img src={{ asset('images/testing/hat.png') }} alt="{{ $asset->name }}" class="border img-fluid" />
+							<div id="gt-thumbnail-toolbar"></div>
+							<div class="d-flex position-absolute bottom-0 end-0 pb-2 pe-2">
+								<button class="btn btn-secondary me-2">Try On</button>
+								<button class="btn btn-secondary">3D</button>
+							</div>
+						</div>
 					</div>
 					<div class="flex-fill">
 						<h3 class="mb-0">{{ $asset->name }}</h3>
-						{{-- TODO: XlXi: url to user's profile --}}
-						<p>By {{ $asset->user->username }}</p>
+						<p>By <a class="text-decoration-none fw-normal" href="{{ $asset->user->getProfileUrl() }}">{{ $asset->user->username }}</a></p>
 						<hr />
 						{{-- TODO: XlXi: limiteds/trading --}}
 						<div class="row mt-2">
diff --git a/web/resources/views/web/user/profile.blade.php b/web/resources/views/web/user/profile.blade.php
new file mode 100644
index 0000000..105e9b7
--- /dev/null
+++ b/web/resources/views/web/user/profile.blade.php
@@ -0,0 +1,10 @@
+@extends('layouts.app')
+
+@section('title', $title)
+
+@section('page-specific')
+@endsection
+
+@section('content')
+<h1>this is {{ $user->username }}'s profile</h1>
+@endsection
\ No newline at end of file
diff --git a/web/routes/web.php b/web/routes/web.php
index 38520b8..4f0894e 100644
--- a/web/routes/web.php
+++ b/web/routes/web.php
@@ -1,6 +1,11 @@
 <?php
 
 use App\Models\Asset;
+use App\Models\User;
+
+Route::group(['as' => 'user.', 'prefix' => 'users'], function() {
+	Route::get('/{user}/profile', 'ProfileController@index')->name('profile');
+});
 
 Route::group(['as' => 'home.'], function() {
 	Route::get('/', 'HomeController@landing')->name('landing')->middleware('guest');