Create a test directory (on your home page of the school for instance) for CSRF. You will write some pages that do Cross Site Request Forgery in this directory.
Create a page, Displaying "Hello World" (or anything you want), that logs the user out of the guestbook site. You will insert an image refering to the URL of the logout page.
Create another page, containing "Hello Someone" that inserts a new line in the Guestbook.
Create a page for changing the password of the user on the page.