commit b4e89ea9ee914bf6025593fd409d2a3e71ff67ec
Author: Philip <spliceboti@hotmail.com>
Date:   Tue Feb 17 17:34:50 2026 -0800

    Initial commit: Next.js rewrite of Super Bowl Squares app
    
    Full rewrite of the legacy PHP/MySQL app using Next.js 14, PostgreSQL,
    Prisma, NextAuth, Tailwind CSS, and WebSocket-based live chat/grid updates.
    Deployed via Docker Compose with a custom Node.js server for WebSocket support.
    
    Fix chat display names by passing userId from the NextAuth session over
    WebSocket instead of attempting to read the HttpOnly session cookie (which
    is inaccessible to JavaScript). Server now looks up the user's first name
    from the database using the userId.
    
    Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

diff --git a/.claude/settings.local.json b/.claude/settings.local.json
new file mode 100644
index 0000000..3a791c2
--- /dev/null
+++ b/.claude/settings.local.json
@@ -0,0 +1,25 @@
+{
+  "permissions": {
+    "allow": [
+      "Bash(npm install:*)",
+      "Bash(npx next build:*)",
+      "Bash(git init:*)",
+      "Bash(git add:*)",
+      "Bash(git rm:*)",
+      "Bash(docker-compose up:*)",
+      "Bash(docker compose:*)",
+      "Bash(docker version:*)",
+      "Bash(sudo apt-get update:*)",
+      "Bash(chmod:*)",
+      "Bash(dpkg:*)",
+      "Bash(docker:*)",
+      "Bash(curl:*)",
+      "Bash(ss:*)",
+      "Bash(echo:*)",
+      "Bash(iptables:*)",
+      "Bash(npx tsc:*)",
+      "Bash(npx prisma generate:*)",
+      "Bash(timeout 3 node:*)"
+    ]
+  }
+}
diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..eed3ff6
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,7 @@
+node_modules
+.next
+.git
+legacy
+*.md
+.env
+.env.local
diff --git a/.env.example b/.env.example
new file mode 100644
index 0000000..5d1197a
--- /dev/null
+++ b/.env.example
@@ -0,0 +1,11 @@
+# PostgreSQL
+POSTGRES_USER=superbowl
+POSTGRES_PASSWORD=superbowl
+POSTGRES_DB=superbowl
+
+# Database connection (app container talks to "db" service)
+DATABASE_URL="postgresql://superbowl:superbowl@db:5432/superbowl?schema=public"
+
+# NextAuth
+NEXTAUTH_SECRET="change-me-to-a-random-secret"
+NEXTAUTH_URL="http://localhost:3000"
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..104b71f
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1,34 @@
+# dependencies
+/node_modules
+/.pnp
+.pnp.js
+
+# testing
+/coverage
+
+# next.js
+/.next/
+/out/
+
+# production
+/build
+
+# misc
+.DS_Store
+*.pem
+
+# debug
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+
+# local env files
+.env
+.env*.local
+
+# vercel
+.vercel
+
+# typescript
+*.tsbuildinfo
+next-env.d.ts
diff --git a/CLAUDE.md b/CLAUDE.md
new file mode 100644
index 0000000..c3418cd
--- /dev/null
+++ b/CLAUDE.md
@@ -0,0 +1,198 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Project Overview
+
+Super Bowl Squares — a web application that runs a 10x10 grid-based betting game for the Super Bowl. Players purchase squares, random numbers (0-9) are assigned to each row/column for AFC and NFC teams, and winners are determined by the last digit of each team's score at the end of each quarter.
+
+This is a rewrite of a legacy PHP/MySQL application (preserved in `legacy/` for reference). The legacy app has significant security issues (SQL injection, plaintext passwords, no CSRF protection) and uses early-2000s HTML patterns.
+
+## Tech Stack
+
+- **Framework**: Next.js 14 (App Router) with TypeScript
+- **Database**: PostgreSQL 16 via Prisma ORM
+- **Auth**: NextAuth.js with JWT strategy and credentials provider
+- **Styling**: Tailwind CSS with custom theme (dark mode, `primary`/`accent` color scales, glow shadows)
+- **Real-time**: WebSocket server (ws) for live chat, mounted at `/ws/chat`
+- **Deployment**: Docker Compose (app + postgres)
+
+## Development Commands
+
+```bash
+# Start everything (build + run with Docker Compose)
+docker compose up --build -d
+
+# View logs
+docker compose logs app --tail 50
+docker compose logs app -f        # follow
+
+# Rebuild after code changes
+docker compose up --build -d
+
+# Stop
+docker compose down
+
+# Database operations (run from host with node_modules present)
+npx prisma db push          # sync schema to DB
+npx prisma generate         # regenerate client after schema changes
+npx tsx prisma/seed.ts      # seed default data
+npm run db:migrate          # deploy prisma migrations (production)
+npm run db:generate         # regenerate Prisma client (alias)
+
+# Dev server (requires local postgres with DATABASE_URL pointing to it)
+npm run dev                 # runs tsx server.ts -> server.js
+```
+
+**Note**: The app runs inside Docker where `DATABASE_URL` points to the `db` service. For local dev outside Docker, update `DATABASE_URL` to `postgresql://superbowl:superbowl@localhost:5432/superbowl`.
+
+## Environment Variables
+
+Required variables (see `.env.example`):
+- `DATABASE_URL` — PostgreSQL connection string
+- `POSTGRES_USER`, `POSTGRES_PASSWORD`, `POSTGRES_DB` — Database credentials
+- `NEXTAUTH_SECRET` — Random secret for JWT signing (generate with `openssl rand -base64 32`)
+- `NEXTAUTH_URL` — Full URL where app is deployed (e.g., `http://localhost:3000`)
+
+## Architecture
+
+### Custom Server (`server.js`)
+
+Next.js runs behind a custom HTTP server that also handles WebSocket upgrades. This is required for the live chat and real-time grid update features. The server has two boot modes:
+
+- **Dev mode** (`NODE_ENV !== 'production'`): Uses the standard `next()` API with `app.prepare()`, creates its own HTTP server, and adds WebSocket upgrade handling on `/ws/chat`.
+- **Production standalone mode**: Monkey-patches `http.createServer` to intercept the HTTP server that Next.js's `startServer()` creates, injecting WebSocket upgrade handling for `/ws/chat` before Next.js registers its own upgrade handler. Reads the embedded `nextConfig` from `server.standalone.js` (saved during Docker build) and sets `__NEXT_PRIVATE_STANDALONE_CONFIG` env var so Next.js skips webpack loading.
+
+The server also runs:
+- Chat message broadcasting with blacklist filtering and JWT token decoding for user identity
+- `squares:changed` → `squares:refresh` broadcast for real-time grid updates
+- Payment reminder scheduler (15-minute interval) that checks unconfirmed squares approaching grace period deadline
+
+`server.ts` is just a dev shim that requires `server.js`.
+
+**Critical Dockerfile detail**: The standalone build output includes its own `server.js`. The Dockerfile saves it as `server.standalone.js` then copies our custom `server.js` over it. Extra node_modules not included in standalone output (`ws`, `nodemailer`, `next-auth`, `jose`, `@panva`, `uuid`, `@babel`, `preact`, `oauth`, `openid-client`, `cookie`) are explicitly copied in the Dockerfile.
+
+### Authentication Flow
+
+- `src/lib/auth.ts` — NextAuth config with credentials provider (email/password, bcrypt)
+- `src/middleware.ts` — Route protection: public routes (`/`, `/login`, `/register`, `/signup`, `/setup`, `/api/auth`, `/api/setup`), admin routes require ADMIN or VIEWER role, `/my-squares` requires any authenticated user
+- `src/types/index.ts` — Augments NextAuth session/JWT types with `role` and `id`
+- JWT tokens carry `role` (ADMIN/VIEWER/PLAYER) and `id` fields
+
+### Database Pattern
+
+- Prisma schema at `prisma/schema.prisma`
+- Singleton pattern: `GameSettings`, `Score`, and `EmailSettings` use `id: "singleton"` — there's always exactly one row
+- `prisma/seed.ts` — Seeds 100 squares (positions "00"-"99"), default settings, default score row, email settings, and 8 email templates (welcome, square_confirmation, square_confirmed, square_released, payment_reminder, numbers_assigned, game_results, custom). Uses upserts so it's idempotent. Email templates use `update: {}` to preserve manual edits (only creates, never overwrites).
+- Shared Prisma client at `src/lib/prisma.ts` (global singleton to avoid connection exhaustion in dev)
+
+### Page Structure
+
+- `/` — Main page: 10x10 grid + chat window. Redirects to `/setup` if no admin exists.
+- `/setup` — First-run admin account creation
+- `/login`, `/register` — Auth pages
+- `/signup?squares=01,02,...` — Square purchase form (guest or authenticated)
+- `/my-squares` — Player's own squares (requires auth)
+- `/admin/*` — Admin panel with sidebar nav (`layout.tsx` is a client component with role-based nav filtering)
+
+Admin sub-pages: dashboard, squares, numbers, scores, balance, settings, users, email, chat, backup. Viewers are restricted from settings, users, and backup.
+
+### API Routes (`src/app/api/`)
+
+All API routes use `getServerSession(authOptions)` for auth checks. Pattern: GET for reads, POST for creates, PUT for full updates, PATCH for partial updates.
+
+Key routes:
+- `squares/` — GET (list all), POST (purchase), PATCH (admin: confirm/release/reserve/bulk-reserve/edit)
+- `settings/` — GET (public), PUT (admin-only, handles payment methods separately)
+- `numbers/` — POST generates random 0-9 shuffles for NFC/AFC axes
+- `scores/` — PUT updates quarter scores and determines winners
+- `backup/` — Export/import game data
+- `upload/` — Image upload for team/SB logos
+
+### Component Patterns
+
+- Server components fetch data directly via Prisma (e.g., `page.tsx` for `/`)
+- Client components use `'use client'` and fetch via API routes
+- `src/components/Providers.tsx` wraps app with `SessionProvider` + `WebSocketProvider` + `ToastProvider`
+- Grid components: `SquareGrid` (10x10 table with real-time WS refresh), `SquareCell` (individual cell), `GridHeader` (team logos/matchup banner/event info)
+- `src/lib/ws.tsx` — React Context `WebSocketProvider` shares a single WebSocket connection app-wide. Exports `useWebSocket()` hook returning `{ messages, connected, sendMessage, deleteMessage, squaresVersion, notifySquaresChanged }`. The `squaresVersion` counter increments on `squares:refresh` events; components watch it to re-fetch grid data.
+
+### Styling Conventions
+
+- Dark theme throughout: `bg-gray-950` base, `bg-gray-900` cards
+- Custom Tailwind classes in `globals.css`: `.btn-primary`, `.btn-secondary`, `.btn-danger`, `.btn-success`, `.input-field`, `.card`, `.card-elevated`
+- Custom color scales: `primary` (blue), `accent` (purple), `success`, `warning`, `danger`
+- Custom glow shadows: `shadow-glow-sm`, `shadow-glow`, `shadow-glow-lg`, `shadow-glow-green`, `shadow-glow-amber`
+
+### Docker Setup
+
+- `Dockerfile` — Multi-stage build: builder (npm install, next build, compile seed script) -> runner (standalone output, prisma CLI for runtime migrations). The runner stage saves the original standalone `server.js` as `server.standalone.js` then copies our custom `server.js` over it, and copies extra node_modules not included in standalone output.
+- `docker-entrypoint.sh` — Runs `prisma db push`, seeds DB, then starts `node server.js`
+- `docker-compose.yml` — Two services: `app` (port 3000) and `db` (postgres:16-alpine, port 5432, healthcheck)
+
+### Next.js Configuration
+
+`next.config.js` settings:
+- `output: 'standalone'` — Minimal production build with embedded dependencies for Docker
+- `serverComponentsExternalPackages: ['nodemailer']` — Prevents bundling nodemailer (requires native modules)
+- `images: { unoptimized: true }` — Disables Next.js image optimization for simpler Docker deployment
+
+### Real-time Updates
+
+Two real-time channels share a single WebSocket connection per client:
+- **Chat**: Messages are stored in DB and broadcast to all connected clients
+- **Grid refresh**: When squares change (purchase, admin action), the acting client sends `{type: 'squares:changed'}` via WS. The server broadcasts `{type: 'squares:refresh'}` to all clients. Clients increment `squaresVersion` which triggers a re-fetch of `/api/squares`.
+
+### Path Alias
+
+`@/*` maps to `./src/*` (configured in `tsconfig.json`). Use `@/lib/prisma`, `@/components/ui/Button`, etc.
+
+## Game Logic
+
+- 100 squares in a 10x10 grid, positions "00" through "99" (row digit + column digit)
+- Row = NFC team axis, Column = AFC team axis
+- Numbers (0-9) are randomly shuffled independently for each axis; can only be generated when all 100 squares are claimed
+- Winners: last digit of each team's quarter score maps to the grid number → intersecting square wins
+- Four quarters: Q1 (first), Q2 (half), Q3 (third), Final — each with configurable payout percentage
+- Max 10 squares per purchase submission
+- Squares can be guest-purchased (name+email) or purchased by authenticated players
+
+## Feature Requirements
+
+### Role-Based Access (3 roles)
+
+**Admin** (full control): manage all accounts, game settings (bet amount, teams, logos, payouts, payment methods, rules), generate numbers, edit squares, edit scores, email system, backup/restore, chat moderation
+
+**Viewer** (limited admin — for co-commissioners): view balance sheet, edit squares, update scores, send emails, moderate chat
+
+**Player** (authenticated participant): view own squares, purchase squares, live chat, change own name/password
+
+### Email System
+- Templates with `{{placeholder}}` variables (stored in DB, seeded with defaults)
+- Configurable SMTP/SSL transport via `EmailSettings`
+- `src/lib/email.ts` — `sendEmail()`, `renderTemplate()`, `getTransporter()` core functions
+- `src/lib/autoEmail.ts` — Fire-and-forget automated emails triggered by game events:
+  - `sendWelcomeEmail` — on user registration (from `POST /api/users`)
+  - `sendPurchaseConfirmationEmail` — on square purchase (from `POST /api/squares`)
+  - `sendSquareConfirmedEmail` / `sendSquareReleasedEmail` — on admin confirm/release (from `PATCH /api/squares`)
+  - `sendNumbersAssignedEmails` — to all participants when numbers generated (from `POST /api/numbers`)
+  - `sendGameResultsEmails` — to all participants when final score entered (from `PUT /api/scores`)
+  - `checkPaymentReminders` — scheduled in server.js every 15 minutes, sends reminders 2 hours before grace period deadline
+- Admin Send tab (`POST /api/email`) populates all template variables per-recipient from DB (squares, amount, payment info, winners)
+- Available template variables: `{{name}}`, `{{email}}`, `{{squares}}`, `{{amountDue}}`, `{{commissioner}}`, `{{eventName}}`, `{{gameUrl}}`, `{{graceHours}}`, `{{paymentInstructions}}`, `{{paymentMethods}}`, `{{winners}}`, `{{rulesText}}`
+
+### Live Chat
+- WebSocket-based, embedded on front page (YouTube/Twitch live-chat style)
+- Blacklist-based word filtering
+- Admin/viewer can delete messages
+
+### Backup/Restore
+- Config-only or full (config + square/game data) export/import
+
+## Testing
+
+No testing framework is currently configured. To add tests, consider installing Jest or Vitest with React Testing Library.
+
+## Assets
+
+Team logos in `public/images/`: `afc-{team}.png` and `nfc-{team}.png` for all 32 NFL teams, plus conference logos, generic placeholders, Super Bowl event logos, and background images.
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..fd25a4f
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,72 @@
+FROM node:20-alpine AS base
+
+# --- Builder ---
+FROM base AS builder
+WORKDIR /app
+
+COPY package.json package-lock.json* ./
+COPY prisma ./prisma/
+RUN npm install
+
+COPY . .
+RUN npm run build
+
+# Compile seed script to JS so the runner doesn't need tsx
+RUN npx tsx --compile prisma/seed.ts > /dev/null 2>&1 || true
+RUN test -f prisma/seed.js || npx esbuild prisma/seed.ts --bundle --platform=node --outfile=prisma/seed.js --external:@prisma/client 2>/dev/null || true
+
+# --- Runner ---
+FROM base AS runner
+WORKDIR /app
+
+ENV NODE_ENV=production
+
+RUN addgroup --system --gid 1001 nodejs
+RUN adduser --system --uid 1001 nextjs
+
+# Install prisma CLI for db push at runtime
+RUN npm install -g prisma@6
+
+COPY --from=builder /app/public ./public
+COPY --from=builder /app/prisma ./prisma
+COPY --from=builder /app/docker-entrypoint.sh ./docker-entrypoint.sh
+
+# Copy standalone output (includes node_modules with @prisma/client)
+COPY --from=builder /app/.next/standalone ./
+COPY --from=builder /app/.next/static ./.next/static
+
+# Save the original standalone server.js (contains embedded nextConfig)
+# then override with our custom server that adds WebSocket support
+RUN cp /app/server.js /app/server.standalone.js
+COPY --from=builder /app/server.js ./server.js
+
+# Copy modules needed by custom server (not included in standalone output)
+COPY --from=builder /app/node_modules/ws ./node_modules/ws
+COPY --from=builder /app/node_modules/nodemailer ./node_modules/nodemailer
+# next-auth/jwt for WebSocket chat user identification
+COPY --from=builder /app/node_modules/next-auth ./node_modules/next-auth
+COPY --from=builder /app/node_modules/jose ./node_modules/jose
+COPY --from=builder /app/node_modules/@panva ./node_modules/@panva
+COPY --from=builder /app/node_modules/uuid ./node_modules/uuid
+COPY --from=builder /app/node_modules/@babel ./node_modules/@babel
+COPY --from=builder /app/node_modules/preact ./node_modules/preact
+COPY --from=builder /app/node_modules/preact-render-to-string ./node_modules/preact-render-to-string
+COPY --from=builder /app/node_modules/oauth ./node_modules/oauth
+COPY --from=builder /app/node_modules/openid-client ./node_modules/openid-client
+COPY --from=builder /app/node_modules/cookie ./node_modules/cookie
+
+# Seed script
+COPY --from=builder /app/prisma/seed.js ./prisma/seed.js
+
+# Fix Windows line endings and make executable
+RUN sed -i 's/\r$//' ./docker-entrypoint.sh && chmod +x ./docker-entrypoint.sh
+RUN chown -R nextjs:nodejs /app
+
+USER nextjs
+
+EXPOSE 3000
+
+ENV PORT=3000
+ENV HOSTNAME="0.0.0.0"
+
+ENTRYPOINT ["./docker-entrypoint.sh"]
diff --git a/docker-compose.yml b/docker-compose.yml
new file mode 100644
index 0000000..7813234
--- /dev/null
+++ b/docker-compose.yml
@@ -0,0 +1,27 @@
+services:
+  app:
+    build: .
+    network_mode: host
+    env_file: .env
+    environment:
+      - DATABASE_URL=postgresql://superbowl:superbowl@127.0.0.1:5432/superbowl?schema=public
+    depends_on:
+      db:
+        condition: service_healthy
+    restart: unless-stopped
+
+  db:
+    image: postgres:16-alpine
+    network_mode: host
+    env_file: .env
+    volumes:
+      - pgdata:/var/lib/postgresql/data
+    healthcheck:
+      test: ["CMD-SHELL", "pg_isready -U superbowl"]
+      interval: 5s
+      timeout: 5s
+      retries: 5
+    restart: unless-stopped
+
+volumes:
+  pgdata:
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
new file mode 100644
index 0000000..f6cd64e
--- /dev/null
+++ b/docker-entrypoint.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+set -e
+
+echo "Running Prisma migrations..."
+npx prisma db push --skip-generate
+
+echo "Seeding database..."
+node prisma/seed.js || echo "Seed skipped (may already exist)"
+
+echo "Starting server..."
+exec node server.js
diff --git a/favicon.ico b/favicon.ico
new file mode 100644
index 0000000..4cbfe13
Binary files /dev/null and b/favicon.ico differ
diff --git a/images/AFC_logo_1738803834.png b/images/AFC_logo_1738803834.png
new file mode 100644
index 0000000..806942a
Binary files /dev/null and b/images/AFC_logo_1738803834.png differ
diff --git a/images/FootballField_Low.jpg b/images/FootballField_Low.jpg
new file mode 100644
index 0000000..47af4b6
Binary files /dev/null and b/images/FootballField_Low.jpg differ
diff --git a/images/NFC_logo_1738803826.png b/images/NFC_logo_1738803826.png
new file mode 100644
index 0000000..259a9b6
Binary files /dev/null and b/images/NFC_logo_1738803826.png differ
diff --git a/images/NFL-logo.gif b/images/NFL-logo.gif
new file mode 100644
index 0000000..bd3a7ff
Binary files /dev/null and b/images/NFL-logo.gif differ
diff --git a/images/afc-bengals.png b/images/afc-bengals.png
new file mode 100644
index 0000000..19c1379
Binary files /dev/null and b/images/afc-bengals.png differ
diff --git a/images/afc-bills.png b/images/afc-bills.png
new file mode 100644
index 0000000..890df0f
Binary files /dev/null and b/images/afc-bills.png differ
diff --git a/images/afc-broncos.png b/images/afc-broncos.png
new file mode 100644
index 0000000..2cb26fb
Binary files /dev/null and b/images/afc-broncos.png differ
diff --git a/images/afc-browns.png b/images/afc-browns.png
new file mode 100644
index 0000000..17a7ebf
Binary files /dev/null and b/images/afc-browns.png differ
diff --git a/images/afc-chargers.png b/images/afc-chargers.png
new file mode 100644
index 0000000..de6e251
Binary files /dev/null and b/images/afc-chargers.png differ
diff --git a/images/afc-chiefs.png b/images/afc-chiefs.png
new file mode 100644
index 0000000..96ee391
Binary files /dev/null and b/images/afc-chiefs.png differ
diff --git a/images/afc-colts.png b/images/afc-colts.png
new file mode 100644
index 0000000..5a93320
Binary files /dev/null and b/images/afc-colts.png differ
diff --git a/images/afc-dolphins.png b/images/afc-dolphins.png
new file mode 100644
index 0000000..74bf1b7
Binary files /dev/null and b/images/afc-dolphins.png differ
diff --git a/images/afc-generic.png b/images/afc-generic.png
new file mode 100644
index 0000000..42ab6ab
Binary files /dev/null and b/images/afc-generic.png differ
diff --git a/images/afc-jaguars.png b/images/afc-jaguars.png
new file mode 100644
index 0000000..6df917a
Binary files /dev/null and b/images/afc-jaguars.png differ
diff --git a/images/afc-jets.png b/images/afc-jets.png
new file mode 100644
index 0000000..186681b
Binary files /dev/null and b/images/afc-jets.png differ
diff --git a/images/afc-logo.png b/images/afc-logo.png
new file mode 100644
index 0000000..4acaa4e
Binary files /dev/null and b/images/afc-logo.png differ
diff --git a/images/afc-patriots.png b/images/afc-patriots.png
new file mode 100644
index 0000000..56d623e
Binary files /dev/null and b/images/afc-patriots.png differ
diff --git a/images/afc-raiders.png b/images/afc-raiders.png
new file mode 100644
index 0000000..0267bb9
Binary files /dev/null and b/images/afc-raiders.png differ
diff --git a/images/afc-ravens.png b/images/afc-ravens.png
new file mode 100644
index 0000000..fe71311
Binary files /dev/null and b/images/afc-ravens.png differ
diff --git a/images/afc-steelers.png b/images/afc-steelers.png
new file mode 100644
index 0000000..d91556b
Binary files /dev/null and b/images/afc-steelers.png differ
diff --git a/images/afc-texans.png b/images/afc-texans.png
new file mode 100644
index 0000000..cfb2828
Binary files /dev/null and b/images/afc-texans.png differ
diff --git a/images/afc-titans.png b/images/afc-titans.png
new file mode 100644
index 0000000..ea385ed
Binary files /dev/null and b/images/afc-titans.png differ
diff --git a/images/afcteam.png b/images/afcteam.png
new file mode 100644
index 0000000..3452e88
Binary files /dev/null and b/images/afcteam.png differ
diff --git a/images/background.jpg b/images/background.jpg
new file mode 100644
index 0000000..7985505
Binary files /dev/null and b/images/background.jpg differ
diff --git a/images/nfc-bears.png b/images/nfc-bears.png
new file mode 100644
index 0000000..5a8477d
Binary files /dev/null and b/images/nfc-bears.png differ
diff --git a/images/nfc-buccaneers.png b/images/nfc-buccaneers.png
new file mode 100644
index 0000000..e958136
Binary files /dev/null and b/images/nfc-buccaneers.png differ
diff --git a/images/nfc-cardinals.png b/images/nfc-cardinals.png
new file mode 100644
index 0000000..8c7b9f6
Binary files /dev/null and b/images/nfc-cardinals.png differ
diff --git a/images/nfc-commanders.png b/images/nfc-commanders.png
new file mode 100644
index 0000000..331ddcb
Binary files /dev/null and b/images/nfc-commanders.png differ
diff --git a/images/nfc-cowboys.png b/images/nfc-cowboys.png
new file mode 100644
index 0000000..a7ac941
Binary files /dev/null and b/images/nfc-cowboys.png differ
diff --git a/images/nfc-eagles.png b/images/nfc-eagles.png
new file mode 100644
index 0000000..d648b38
Binary files /dev/null and b/images/nfc-eagles.png differ
diff --git a/images/nfc-falcons.png b/images/nfc-falcons.png
new file mode 100644
index 0000000..0cb45fe
Binary files /dev/null and b/images/nfc-falcons.png differ
diff --git a/images/nfc-generic.png b/images/nfc-generic.png
new file mode 100644
index 0000000..9c308e0
Binary files /dev/null and b/images/nfc-generic.png differ
diff --git a/images/nfc-giants.png b/images/nfc-giants.png
new file mode 100644
index 0000000..2be66f3
Binary files /dev/null and b/images/nfc-giants.png differ
diff --git a/images/nfc-lions.png b/images/nfc-lions.png
new file mode 100644
index 0000000..8cb40f1
Binary files /dev/null and b/images/nfc-lions.png differ
diff --git a/images/nfc-logo.png b/images/nfc-logo.png
new file mode 100644
index 0000000..b15ab40
Binary files /dev/null and b/images/nfc-logo.png differ
diff --git a/images/nfc-packers.png b/images/nfc-packers.png
new file mode 100644
index 0000000..3ba4e6f
Binary files /dev/null and b/images/nfc-packers.png differ
diff --git a/images/nfc-panthers.png b/images/nfc-panthers.png
new file mode 100644
index 0000000..f0c9b17
Binary files /dev/null and b/images/nfc-panthers.png differ
diff --git a/images/nfc-rams.png b/images/nfc-rams.png
new file mode 100644
index 0000000..8c4c47c
Binary files /dev/null and b/images/nfc-rams.png differ
diff --git a/images/nfc-saints.png b/images/nfc-saints.png
new file mode 100644
index 0000000..bf9d125
Binary files /dev/null and b/images/nfc-saints.png differ
diff --git a/images/nfc-seahawks.png b/images/nfc-seahawks.png
new file mode 100644
index 0000000..cbb1a2c
Binary files /dev/null and b/images/nfc-seahawks.png differ
diff --git a/images/nfc-team.png b/images/nfc-team.png
new file mode 100644
index 0000000..ab61e14
Binary files /dev/null and b/images/nfc-team.png differ
diff --git a/images/nfc-vikings.png b/images/nfc-vikings.png
new file mode 100644
index 0000000..dd3c656
Binary files /dev/null and b/images/nfc-vikings.png differ
diff --git a/images/nfcteam.png b/images/nfcteam.png
new file mode 100644
index 0000000..0b61347
Binary files /dev/null and b/images/nfcteam.png differ
diff --git a/images/nfl-logo.png b/images/nfl-logo.png
new file mode 100644
index 0000000..08dab84
Binary files /dev/null and b/images/nfl-logo.png differ
diff --git a/images/superbowlnumber.png b/images/superbowlnumber.png
new file mode 100644
index 0000000..3e14b3f
Binary files /dev/null and b/images/superbowlnumber.png differ
diff --git a/images/superbowlnumber_LVIII.png b/images/superbowlnumber_LVIII.png
new file mode 100644
index 0000000..100888c
Binary files /dev/null and b/images/superbowlnumber_LVIII.png differ
diff --git a/legacy/admin.php b/legacy/admin.php
new file mode 100644
index 0000000..9b3a5ad
--- /dev/null
+++ b/legacy/admin.php
@@ -0,0 +1,181 @@
+<?php
+session_start();
+@ob_start();
+
+if (!isset($_SESSION['VNSB'])) {
+    header("Location: adminlogin.php");
+    exit;
+}
+
+require_once('config.php');
+$confirmation = $_POST['Confirmation'];
+$SQUARE = $_POST['square'];
+$CONFIRM = $_POST['confirm'];
+$RELEASE = $_POST['release'];
+$NOTES = $_POST['body'];
+
+require "header.inc";
+$sb_URL = $record['sb_URL'];
+
+// To send HTML mail, the Content-type header must be set
+$headers  = 'MIME-Version: 1.0' . "\r\n";
+$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\r\n";
+
+// Additional headers
+$headers .= "From: $commissioner <$ADMIN_EMAIL>" . "\r\n";
+$headers .= 'Bcc: $commissioner <$ADMIN_EMAIL>' . "\r\n";
+
+function notify_admin($mailto, $mailmessage, $mail_headers) {
+    mail($mailto, "Super Bowl Squares", $mailmessage, $mail_headers);
+}
+?>
+
+<h3>ADMINISTRATOR APPROVAL</h3>
+
+<?php
+if (!isset($confirmation)) {
+?>
+    <table width="50%" cellpadding="5" style="font-family: verdana, arial; border: #FFCC99 1px solid">
+        <tr>
+            <td height="28" colspan="3" align="center" style="font-size: 11px">
+                <strong>Confirm user selected square when payment is verified, or release the square if allowed time for payment has expired.</strong>
+            </td>
+        </tr>
+        <tr>
+            <td width="" align="center" valign="top">
+                <form name="approval" action="admin.php" method="post" enctype="multipart/form-data">
+                    <table width="100%" border="0" style="font-family: verdana, arial; font-size: 11px">
+                        <tr>
+                            <td><b>Square</b></td>
+                            <td>
+                                <select name="square[]" id="square" size="11" multiple>
+                                    <?php
+                                    $query = "SELECT * FROM VNSB_squares WHERE NAME!='AVAILABLE' AND NAME!='' AND CONFIRM='0' ORDER BY NAME, SQUARE";
+                                    $result = mysqli_query($conn, $query);
+                                    if (!$result) {
+                                        echo mysqli_error();
+                                        exit;
+                                    }
+                                    while ($record = mysqli_fetch_assoc($result)) {
+                                        echo "<option value='" . $record['SQUARE'] . "'>" . $record["NAME"] . " - " . $record["SQUARE"] . "</option>";
+                                    }
+                                    ?>
+                                </select>
+                            </td>
+                        </tr>
+                        <tr>
+                            <td><b>Confirm</b></td>
+                            <td><input type="checkbox" name="confirm" value="1"></td>
+                        </tr>
+                        <tr>
+                            <td><b>Release</b></td>
+                            <td><input type="checkbox" name="release" value="1"></td>
+                        </tr>
+                        <tr>
+                            <td><b>Notes to User</b></td>
+                            <td><textarea name="body" rows="3" cols="50" wrap="virtual" style="font-family: verdana, arial; font-size: 10px"></textarea></td>
+                        </tr>
+                        <tr>
+                            <td>&nbsp;</td>
+                            <td><br/><p><input type="submit" value="Confirmation" name="Confirmation"></p></td>
+                        </tr>
+                    </table>
+                </form>
+            </td>
+        </tr>
+    </table>
+    <p>
+<table width="50%" border="0" cellspacing="0" cellpadding="0" style="font-family: verdana, arial; font-size: 12px">
+  <tr>
+    <td width="16%"><a href="<?=$sb_URL?>" title="Home">Home</a></td>
+    <td width="16%" align="center"><a href="admin.php" title="Administrator">Admin</a></td>
+    <td width="16%" align="center"><a href="report.php" title="Balance Sheet">Balance Sheet</a></td>
+    <td width="16%" align="center"><a href="randomnumber.php" title="Number Generator">Number Generator</a></td>
+    <td width="16%" align="center"><a href="scores.php" title="Enter scores">Scores</a></td>
+    <td width="16%" align="center"><a href="adminlogout.php" title="Admin logout">Logout</a></td>
+  </tr>
+</table>
+    </p>
+<?php
+} else {
+    if (count((is_countable($SQUARE) ? $SQUARE : [])) > 0) {
+        $input = "";
+        $whereclause = "(";
+
+        for ($e = 0; $e < count($SQUARE); $e++) {
+            $whereclause .= "SQUARE = '" . trim($SQUARE[$e]) . "' OR ";
+            $square_list = $square_list . ", " . $SQUARE[$e];
+        }
+
+        $whereclause = substr_replace($whereclause, "", -3);  // strip off ' OR'
+        $whereclause = $whereclause . ")";
+
+        $square_list = substr_replace($square_list, "", 0, 2);
+
+        $query = "SELECT * FROM VNSB_squares WHERE $whereclause";
+        $result = mysqli_query($conn, $query);
+        if (!$result) {
+            echo mysqli_error();
+            exit;
+        }
+
+        $USER_EMAIL_LIST = '';
+        while ($record = mysqli_fetch_assoc($result)) {
+            $USER_EMAIL = $record["EMAIL"];
+            $pos = strpos($USER_EMAIL_LIST, $USER_EMAIL);
+            if ($pos === false) {
+                $USER_EMAIL_LIST = $USER_EMAIL_LIST . ", " . $USER_EMAIL;
+            }
+        }
+        $USER_EMAIL_LIST = substr_replace($USER_EMAIL_LIST, "", 0, 2);
+
+        $bodyMessage = "\r\nNOTIFICATION:<br />\r\n";
+        if ($CONFIRM == 1 && $RELEASE != 1) {
+            $query = "UPDATE VNSB_squares SET CONFIRM='1' WHERE $whereclause";
+            $bodyMessage .= "Your square $square_list is now confirmed.\r\n\n";
+        } else if ($RELEASE == 1 && $CONFIRM != 1) {
+            $query = "UPDATE VNSB_squares SET NAME='AVAILABLE', EMAIL='', NOTES='', DATE='', CONFIRM='0' WHERE $whereclause";
+            $bodyMessage .= "Your square $square_list selection is now released due to non payment.\r\n";
+            $bodyMessage .= "<br />If this is an error, please contact the commissioner or re-select your square/squares. <br />\r\n\n";
+        } else if (($CONFIRM != 1 && $RELEASE != 1) || ($RELEASE == 1 && $CONFIRM == 1)) {
+            echo "<p>Must select ONLY one 'Confirm' or 'Release' !!!</p>";
+            echo "<p><a href='javascript:onClick=history.go(-1);'>Back</a></p>";
+            exit;
+        }
+
+        $result = mysqli_query($conn, $query);
+        if (!$result) {
+            echo mysqli_error();
+        } else {
+            $bodyMessage .= "<br />Reason given:<br />\r\n";
+            $bodyMessage .= $NOTES . "\r\n\n";
+            $bodyMessage .= "<br /><br />Good Luck and enjoy the game!\r\n";
+            $bodyMessage .= "<br />- $commissioner\r\n";
+            $bodyMessage .= "<br /><a href=" . $sb_URL . ">$sb_URL</a>\r\n";
+
+            notify_admin($USER_EMAIL_LIST, $bodyMessage, $headers);
+            echo "<p>Square(s) <b>" . $square_list . "</b> updated successfully</p>";
+            echo "<p>Emailed to: " . $USER_EMAIL_LIST . "</p>";
+            echo "
+            <p>
+                <table width=\"50%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" style=\"font-family: verdana, arial; font-size: 12px\">
+                    <tr>
+                        <td width=\"16%\"><a href=\"<?=$sb_URL?\" title=\"Home\">Home</a></td>
+                        <td width=\"16%\" align=\"center\"><a href=\"admin.php\" title=\"Administrator\">Admin</a></td>
+                        <td width=\"16%\" align=\"center\"><a href=\"report.php\" title=\"Balance Sheet\">Balance Sheet</a></td>
+                        <td width=\"16%\" align=\"center\"><a href=\"randomnumber.php\" title=\"Number Generator\">Number Generator</a></td>
+                        <td width=\"16%\" align=\"center\"><a href=\"scores.php\" title=\"Enter scores\">Scores</a></td>
+                        <td width=\"16%\" align=\"center\"><a href=\"adminlogout.php\" title=\"Admin logout\">Logout</a></td>
+                    </tr>
+                </table>
+            </p>";
+            unset($confirmation, $SQUARE, $CONFIRM, $RELEASE, $NOTES, $ADM_EMAIL, $ADM_PASSWORD);
+        }
+    } else {
+        echo "<p>Must select at least one Square to Confirm or Release' !!!</p>";
+        echo "<p><a href='javascript:onClick=history.go(-1);'>Back</a></p>";
+        exit;
+    }
+}
+require "footer.inc";
+?>
\ No newline at end of file
diff --git a/legacy/adminlogin.php b/legacy/adminlogin.php
new file mode 100644
index 0000000..28e53b8
--- /dev/null
+++ b/legacy/adminlogin.php
@@ -0,0 +1,66 @@
+<?php 
+@ob_start();
+session_start();
+?>
+
+<!-- 
+www.vnlisting.com
+Online Super Bowl Squares Script
+Please read the "Readme.txt for license agreement, installation and usage instructions 
+-->
+
+<html>
+<head>
+<title>ADMIN - Login</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+</head>
+
+<body>
+<center>
+<?php
+$email=$_POST['AdminEmail'];
+$pass=$_POST['AdminPass'];
+
+// check to see if details have been passed to the script by the form
+if ($email && $pass) {
+	if ($_SESSION['VNSB']) {
+		echo $email.", you are already logged in.<br/><br/>";
+		echo "<a href='admin.php'>Admin</a><br/><br/><a href='adminlogout.php'>Log out.</a>";
+		exit;
+	}
+	// check input variables against database
+	include "config.php"; 
+	$sql = "SELECT Admin_email, Admin_pwd FROM VNSB_settings";
+	$result = mysqli_query($conn,$sql);									
+	// in case of an error, throw up an error message and exit
+	if (!$result) {
+		echo "Sorry, there is a problem with accessing your database!!!";
+		exit;
+	} else {
+		$record = mysqli_fetch_assoc($result);
+		if ($email==$record['Admin_email'] AND $pass==$record['Admin_pwd']) {
+			$_SESSION['VNSB']=$record['Admin_email'];
+			mysqli_close($conn);
+			header ("Location: admin.php");
+		} else {
+			echo "<center><h1>Invalid login</h1><p><a href=\"adminlogin.php\">Admin login</a></p></center>";
+			mysqli_close($conn);
+			exit;
+		}
+	}
+}
+
+?>
+<br />
+<br>
+<h2>Admin login</h2>
+ 
+<form method="post" action="adminlogin.php">
+<p> Email: &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input name="AdminEmail" type="text" size="30"></p>
+<p> Password: <input name="AdminPass" type="password" size="30"></p>
+<p> <input type="submit" value="Login"></p>
+</form>
+
+</center>
+</body>
+</html>
diff --git a/legacy/adminlogout.php b/legacy/adminlogout.php
new file mode 100644
index 0000000..64970ff
--- /dev/null
+++ b/legacy/adminlogout.php
@@ -0,0 +1,33 @@
+<?php 
+	session_start();
+?>
+
+<HTML>
+<head>
+<title>ADMIN - Logout</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+</head>
+
+<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
+<center>
+
+	 <H2>Logout</H2>
+	 <?php
+		// if the user is logged in, log them out
+		if ($_SESSION['VNSB']) {
+			unset($_SESSION['VNSB']);
+			echo "You are now logged out.";
+			echo "<br><br><em>Don't forget to close your brower when you are done!!!</em>";
+	
+		// if the user isnt logged in, let them know that
+		} else {
+			echo "You haven't even logged in yet.";
+		}
+	 ?>
+
+	 <p><a href="<?php echo $_SERVER['REQUEST_SCHEME']."://".$_SERVER['HTTP_HOST'].trim($_SERVER['PHP_SELF'], "adminlogout.php");?>">Home</a></p>
+	 <p><a href="admin.php">Admin</a></p>
+
+</center>
+</body>
+</html>
diff --git a/legacy/config.php b/legacy/config.php
new file mode 100644
index 0000000..a931389
--- /dev/null
+++ b/legacy/config.php
@@ -0,0 +1,19 @@
+<!-- 
+www.vnlisting.com
+Online Super Bowl Squares Script
+Please read the "Readme.txt for license agreement, installtion and usage instructions 
+-->
+
+<?php
+
+//make changes accordingly to your database
+$hostname = "localhost";
+$database = "u595523489_btdosuperbowl";
+$username = "u595523489_supusr";
+$password = "g9Ml#s|1V";
+$conn = mysqli_connect($hostname, $username, $password, $database);
+if (!$conn) {
+    die("Connection failed: ".mysqli_connect_error());
+}
+
+?>
diff --git a/legacy/emailall.php b/legacy/emailall.php
new file mode 100644
index 0000000..b229863
--- /dev/null
+++ b/legacy/emailall.php
@@ -0,0 +1,99 @@
+<!-- 
+www.vnlisting.com
+Online Super Bowl Squares Script
+Please read the "Readme.txt for license agreement, installation and usage instructions 
+Version: 4.1 	1/9/2012
+-->
+
+<?php
+@ob_start();
+session_start();
+
+if (!$_SESSION['VNSB']) { 
+?>
+	<meta http-equiv="Refresh"content="0;url=adminlogin.php">
+<?php
+} else {
+
+	require_once('config.php'); 
+	$sendemails = $_POST['sendemails'];
+	
+	require "header.inc"; 
+	$sb_URL = $record['sb_URL'];
+
+	$LINKS = "
+		<p>
+		  <table width=\"50%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" style=\"font-family: verdana, arial; font-size: 12px\">
+			<tr>
+			<td width=\"33%\"><a href=\"$sb_URL\" title=\"Home\">Home</a></td>
+			<td width=\"34%\" align=\"center\"><a href=\"admin.php\" title=\"Administrator\">Admin</a></td>
+			<td width=\"34%\" align=\"center\"><a href=\"./report.php\" title=\"Balance Sheet\">Balance Sheet</a></td>
+			<td width=\"33%\" align=\"right\"><a href=\"adminlogout.php\" title=\"Admin logout\">Logout</a></td>
+			</tr>
+		  </table>
+		</p>
+	";
+
+	function notify_admin ($mailto, $mailmessage, $mail_headers)
+	{
+		mail("$mailto", "Super Bowl Squares", "$mailmessage", "$mail_headers");
+	}
+?>
+
+	<h3>Send Email to ALL</h3>
+	<?php 
+	if (!isset($sendemails)) { ?>
+	  <table width="50%" cellpadding="5" style="font-family: verdana, arial; border: #FFCC99 1px solid">
+		<tr> 
+			<td height="28" colspan="3" align="center" style="font-size: 11px">
+				<strong>Click the button below to send an email to everyone and let them know the numbers have been picked and assigned for them to view and print as needed.</strong>
+			</td>
+		</tr>
+		<tr> 
+		  <td width="" align="center" valign="top">
+			<form name="approval"  action="emailall.php" method="post"> 
+				<table width="100%" border="0" style="font-family: verdana, arial; font-size: 11px">
+				  <tr>
+					<td>&nbsp;</a></td>
+					<td align="center"><br/><p><input type="submit" value="Send Emails" name="sendemails"></p></td>
+				  </tr>
+				</table>		
+			</form>
+			</td>
+		</tr>
+	  </table>
+	<?php 
+	echo $LINKS;
+
+	} else {
+		echo "<p>Emails send to:</p>";
+		$bodyMessage = "\r\nNOTIFICATION\r\n";
+		$bodyMessage .= "All squares have been selected and all numbers have been picked and assigned.\r\n";
+		$bodyMessage .= "You can view and print your own sheet at $sb_URL.\r\n\n";								
+		$bodyMessage .= "Good Luck and enjoy the game.\r\n\n";
+		$bodyMessage .= "$commissioner\r\n";
+		$headers = "From: $commissioner <$ADMIN_EMAIL>\r\n";
+		$sql="SELECT * FROM VNSB_squares ORDER BY EMAIL";
+		$result = mysqli_query($conn,$sql);
+		if (!$result) {
+			echo mysqli_error();
+			exit;
+		}
+		while ($record = mysqli_fetch_assoc($result)) {
+			if ($USER_EMAIL != $record["EMAIL"]) {
+				$USER_NAME = $record["NAME"];
+				$USER_EMAIL = $record["EMAIL"];
+				notify_admin($USER_EMAIL,$bodyMessage,$headers);
+				echo "<p><b>".$USER_NAME."</b>: ".$USER_EMAIL."</p>";
+			}
+		}				
+
+		echo $LINKS;
+		unset($sendemails);
+		$headers = "From: $commissioner <$ADMIN_EMAIL>\r\n";
+		notify_admin($ADMIN_EMAIL,$bodyMessage,$headers);
+	} ?>
+<?php require "footer.inc"; 
+
+}
+?>
diff --git a/legacy/err_log b/legacy/err_log
new file mode 100644
index 0000000..e69de29
diff --git a/legacy/footer.inc b/legacy/footer.inc
new file mode 100644
index 0000000..0c706c7
--- /dev/null
+++ b/legacy/footer.inc
@@ -0,0 +1,19 @@
+<!-- 
+www.vnlisting.com
+Online Super Bowl Squares Script
+Please read the "Readme.txt for license agreement, installation and usage instructions 
+-->
+
+<!-- You may not and shall not make any changes to this file -->
+<p>
+<table width="95%" style="font-family: verdana, arial; font-size: 9px">
+<tr>
+<td>Copyright &copy; <?=date("Y")?> <a href="http://www.vnlisting.com/" title="VNLISTING" target="_parent">VNLISTING</a> modified by <a href="http://www.djsplice.com" title="DJSPLICE.COM" target="_parent">djsplice.com</a></td>
+<td align="right">SB Squares v.<?=$VERSION?></td>
+</tr>
+</table>
+</p>
+</center>
+<?php mysqli_close($conn);	?>
+</body>
+</html>
diff --git a/legacy/gpl.txt b/legacy/gpl.txt
new file mode 100644
index 0000000..2243226
--- /dev/null
+++ b/legacy/gpl.txt
@@ -0,0 +1,340 @@
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+                       59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+.
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+.
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+.
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+.
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+.
+	    How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Library General
+Public License instead of this License.
diff --git a/legacy/header.inc b/legacy/header.inc
new file mode 100644
index 0000000..c4ed792
--- /dev/null
+++ b/legacy/header.inc
@@ -0,0 +1,52 @@
+<!-- 
+www.vnlisting.com
+Online Super Bowl Squares Script
+Please read the "Readme.txt for license agreement, installation and usage instructions 
+-->
+
+<?php
+$query="SELECT * FROM VNSB_settings";
+$result = mysqli_query($conn, $query);
+if ($record = mysqli_fetch_assoc($result)) {
+	$SB_TITLE = $record['sb_title'];
+	$SB_URL = $record['sb_URL'];
+	$commissioner = $record['commissioner'];
+	$SB_EVENT = $record['sb_event'];
+	$SB_DATE = $record['sb_date'];
+	$SB_TIME = $record['sb_time'];
+	$SB_LOGO = $record['sb_logo'];
+	$NFC_TEAM = $record['NFC_team'];
+	$NFC_LOGO = $record['NFC_logo'];
+	$AFC_TEAM = $record['AFC_team'];
+	$AFC_LOGO = $record['AFC_logo'];
+	$VERSION = $record['Version'];
+	$ADMIN_EMAIL = $record['Admin_email'];
+	$ADMIN_PASSWORD = $record['Admin_pwd'];
+	//$ADMIN_VERIFY = $record['Admin_verify'];
+} else {
+	//echo mysql_error();
+	echo "<br/>Sorry, Technical problem occurred... Can't read from database.<br><br> Please notify this site admin</a>";
+	exit;
+}
+?>
+<html>
+<head>
+<title><?=$SB_TITLE?> <?=$SB_EVENT?> Squares v4</title>
+<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+<meta name="keywords" content="superbowl squares, super bowl, nfl squares online"/>
+<meta name="description" content="NFL Super Bowl Squares Online."/>
+<meta name="robots" content="index,nofollow"/>
+</head>
+<img src='images/FootballField_Low.jpg' style='position:fixed;top:0px;left:0px;width:100%;height:100%;z-index:-1;'>
+<body bgcolor="" link="#0033CC" vlink="#0033CC" alink="#CC0000" leftmargin="0" topmargin="10" marginwidth="0" marginheight="0">
+<!--body bgcolor="#99CCFF" link="#0033CC" vlink="#0033CC" alink="#CC0000" leftmargin="0" topmargin="10" marginwidth="0" marginheight="0"-->
+<center>
+<p>
+<table width="95%" border="0" cellspacing="0" cellpadding="0">
+<tr>
+<td align="center" width="33%"><img src="images/<?=$SB_LOGO?>" border="0" title="<?=$SB_EVENT?> Squares"></td>
+<td align="center" width="34%"><h2><font color="#009900"><br><?=$SB_TITLE?><br><?=$SB_EVENT?> Squares<br><?=$SB_DATE?><br><?=$SB_TIME?></font></h3></td>
+<td align="center" width="33%"><img src="images/<?=$AFC_LOGO?>" border="0" title="<?=$AFC_TEAM?>">&nbsp;&nbsp; <b><font size="+2">vs</font></b> &nbsp;&nbsp;<img src="images/<?=$NFC_LOGO?>" border="0" title="<?=$NFC_TEAM?>"></td>
+</tr>
+</table>
+<br/>
diff --git a/legacy/index.php b/legacy/index.php
new file mode 100644
index 0000000..d25c888
--- /dev/null
+++ b/legacy/index.php
@@ -0,0 +1,186 @@
+<?php
+require_once('config.php');  
+$NFC = array();
+$AFC = array();
+$cnt = 0;
+for ($i=1; $i<=10; $i++) {
+	$NFC[$i]="";
+	$AFC[$i]="";
+}
+$sql="SELECT * FROM VNSB_numbers";
+$result = mysqli_query($conn,$sql);
+#$result = mysql_query($query);
+if (!$result) {
+	echo mysqli_error($conn);
+	exit;
+} 
+
+while ($record = mysqli_fetch_assoc($result)) {
+	$cnt++;
+	$NFC[$cnt]=$record['NFC'];
+	$AFC[$cnt]=$record['AFC'];
+}
+
+$sql="SELECT * FROM VNSB_settings";
+$result = mysqli_query($conn,$sql);
+#$result = mysql_query($query);
+if ($record = mysqli_fetch_assoc($result)) {
+	$BET = $record['Bet'];
+	$sb_title = $record['sb_title'];
+	$PayPal = $record['PayPal'];
+	$Venmo = $record['Venmo'];
+	$CashApp = $record['CashApp'];
+	$Zelle = $record['Zelle'];
+	$WIN_FIRST = $record['Win_first'];
+	$WIN_SECOND = $record['Win_second'];
+	$WIN_THIRD = $record['Win_third'];
+	$WIN_FINAL = $record['Win_final'];
+	$WIN_FINAL = $record['Win_final'];
+	$DONATION_FINAL = $record['Donation_Final'];
+	$FIRST = (100 * (int)$BET ) * ((int)$WIN_FIRST/100);
+	$SECOND = (100 * (int)$BET ) * ((int)$WIN_SECOND/100);
+	$THIRD = (100 * (int)$BET ) * ((int)$WIN_THIRD/100);
+	$FINAL = (100 * (int)$BET ) * ((int)$WIN_FINAL/100);
+	$DONATION = (100 * (int)$BET ) * ((int)$DONATION_FINAL/100);
+} else {
+	echo mysqli_error($conn);
+	exit;
+}
+  $sql="SELECT * FROM VNSB_scores ORDER BY ID DESC LIMIT 1";
+  $result = mysqli_query($conn, $sql);
+  if (!$result) {
+  	echo mysqli_error();
+  	exit;
+  }
+  
+  $scores = mysqli_fetch_assoc($result);
+      $NFC_FIRST=$scores['NFC_FIRST'];
+      $AFC_FIRST=$scores['AFC_FIRST'];
+      $NFC_HALF=$scores['NFC_HALF'];
+      $AFC_HALF=$scores['AFC_HALF'];
+      $NFC_THIRD=$scores['NFC_THIRD'];
+      $AFC_THIRD=$scores['AFC_THIRD'];
+      $NFC_FINAL=$scores['NFC_FINAL'];
+      $AFC_FINAL=$scores['AFC_FINAL'];
+//count of remaining squares
+$result=mysqli_query($conn,"SELECT COUNT(*) as 'total' FROM VNSB_squares WHERE CONFIRM='0'");
+$data=mysqli_fetch_assoc($result);
+
+require "header.inc"; ?>
+<!--<p align="center">This is the live demo.  Use real email to see the script at work.</p>-->
+<table width="95%" border="1" cellspacing="1" cellpadding="5" style="font-family: Verdana,Ariel; font-size: 10px; color:#0066CC;">
+  <tr>
+  	<td align="center" style="border-top: none; border-left: none;"><img src="images/NFL-logo.gif" title="National Football League" border="0" /></td>
+<?php
+	for ($i=1; $i<=10; $i++) {
+    	echo "<td align=\"center\" style=\"font-size:12px; color:#232B85; font-weight:bold\">".$NFC_TEAM."<br>".$NFC[$i]."</td>";
+	}
+?>
+  </tr>
+<tr>
+<form name="sqSelect" method="post" action="signup.php">
+
+<?php
+$sql="SELECT * FROM VNSB_squares ORDER BY SQUARE";
+$result = mysqli_query($conn,$sql);
+#$result = mysql_query($query);
+if (!$result) {
+	echo mysqli_error($conn);
+	exit;
+} 
+$cnt_row = 0;
+$i=0;
+$closed=1;
+while ($record = mysqli_fetch_assoc($result)) {	
+	if ($cnt_row==0) {$i++; echo"<td align=\"center\" style=\"font-size:12px; color:#DB2824; font-weight:bold\">".$AFC_TEAM."<br/>".$AFC[$i]."</td>";}
+	if ($record['NAME'] == "AVAILABLE") { 
+		$closed=0;
+		echo "<td align=\"center\" width='10%' title='only $".$BET."'>".$record['SQUARE']." ".$record['NAME']."<br/>";
+		echo "<input name=\"sqNum_".$record['SQUARE']."\" type=\"checkbox\" value=\"".$record['SQUARE']."\"></input>";
+		//<a href=\"signup.php?square=".$record['SQUARE']."\">".stripslashes($record['NAME'])."<br/>".$record['SQUARE']."</a>
+		echo "</td>";
+	} else if ($record['NAME']!="AVAILABLE" && $record['CONFIRM']==1) {
+		echo "<td width='10%' bgcolor='#99ff66' align='center' title=\"".$record['NOTES']."\"><strong>".stripslashes($record['NAME'])."</strong><br/>Confirmed</td>";
+	} else {
+		echo "<td width='10%' bgcolor='#ff9966' align='center' title=\"".$record['NOTES']."\"><strong>".stripslashes($record['NAME'])."</strong><br/>Pending</td>";
+	}
+	
+	$cnt_row++;
+	if ($cnt_row==10) {
+		$cnt_row=0;
+		echo "</tr><tr>";
+	}
+}
+?>
+</tr>
+</table>
+<?php
+if ( !$closed ) {
+?>
+<p style="font-family: Verdana,Ariel; font-size: 10px; color:#0066CC; font-weight:bold">
+<p>Only <a style="font-family: Verdana,Ariel; font-size: 12px; color:#FF0000; font-weight:bold"><?php echo $data['total'];?></a> squares left!</p>
+<p>Check all your desired squares and click Submit to enter your information</p><br />
+<input type="submit" name="sqSelect_Submit" value="Submit" title="Submit your selection"></input>
+</p>
+<?php } ?>
+</form>
+<br/>
+<table width="95%" cellspacing="5" cellpadding="5" style="font-family: Verdana,Ariel; font-size: 12px; border: #009900 1px solid">
+<tr>
+<td align="left" width="46%" valign="top">
+<p><strong>The Rules:</strong></p>
+<ul>
+<li><strong>$<?=$BET?></strong> Per square</li>
+<li>You can buy as many squares as you want</li>
+<li>Your square(s) is/are not guaranteed until your payment is verified</li>
+<li>Numbers will be randomly draw and assigned after all squares are taken</li>
+<li>When confirmed, your square(s) will be changed to&nbsp;<span style="color: #009900;"><strong>GREEN</strong></span></li>
+<li>Please make payment via the following:
+<ul>
+<li><b>Cash</b></li>
+<li><b>Zelle:</b> <?=$Zelle?></li>
+<li><b>PayPal:</b> <?=$PayPal?>  (Use 'Friends and Family')</li>
+<li><b>Venmo:</b> <?=$Venmo?></li>
+<li><b>CashApp:</b> <?=$CashApp?></li>
+</td>
+    <td align="center" width="27%" valign="top">
+      <table width="100%" style="font-family: Verdana,Ariel; font-size: 12px; border: #009900 1px solid">
+        <tr>
+          <td colspan="3" align="center"><strong>The Payout:</strong></td>
+        </tr>
+        <tr>
+          <td width="60%">
+            <li>End of first quarter:</li>
+            <li>End of second quarter:</li>
+            <li>End of third quarter:</li>
+            <li>Final Score:</li>
+            <!-- <li>Donation:</li> -->
+          </td>
+          <td width="20%">
+            <dt><strong><font color="#232B85"><?=$NFC_FIRST?></font> &nbsp;&nbsp;&nbsp; <font color="#DB2824"><?=$AFC_FIRST?></font></strong></dt>
+            <dt><strong><font color="#232B85"><?=$NFC_HALF?></font> &nbsp;&nbsp;&nbsp; <font color="#DB2824"><?=$AFC_HALF?></font></strong></dt>
+            <dt><strong><font color="#232B85"><?=$NFC_THIRD?></font> &nbsp;&nbsp;&nbsp; <font color="#DB2824"><?=$AFC_THIRD?></font></strong></dt>
+            <dt><strong><font color="#232B85"><?=$NFC_FINAL?></font> &nbsp;&nbsp;&nbsp; <font color="#DB2824"><?=$AFC_FINAL?></font></strong></dt>
+          </td>
+          <td width="10%">
+            <dt><?=$WIN_FIRST?>%</dt>
+            <dt><?=$WIN_SECOND?>%</dt>
+            <dt><?=$WIN_THIRD?>%</dt>
+            <dt><?=$WIN_FINAL?>%</dt>
+            <!-- <dt><?=$DONATION_FINAL?>%</dt> -->
+          </td>
+          <td width="10%" align="right" style="font-weight: 600px">
+            <dt><strong>$<?=$FIRST?></strong></dt>
+            <dt><strong>$<?=$SECOND?></strong></dt>
+            <dt><strong>$<?=$THIRD?></strong></dt>
+            <dt><strong>$<?=$FINAL?></strong></dt>
+            <!-- <dt><strong>$<?=$DONATION?></strong></dt> -->
+          </td>
+        </tr>
+      </table>
+    </td>
+</tr>
+</table>
+</p>
+
+<?php require "footer.inc"; ?>
diff --git a/legacy/randomnumber.php b/legacy/randomnumber.php
new file mode 100644
index 0000000..93c3855
--- /dev/null
+++ b/legacy/randomnumber.php
@@ -0,0 +1,160 @@
+<?php
+@ob_start();
+session_start();
+if (!$_SESSION['VNSB']) { 
+?>
+	<meta http-equiv="Refresh"content="0;url=adminlogin.php">
+<?php
+} else {
+
+	require_once('config.php'); 
+	$RANDOM = $_REQUEST['randomnumber'];
+
+	require "header.inc"; 
+	$sb_URL = $record['sb_URL'];
+
+	$LINKS = "
+		<p>
+		  <table width=\"50%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\" style=\"font-family: verdana, arial; font-size: 12px\">
+			<tr>
+			<td width=\"20%\" align=\"center\"><a href=\"$sb_URL\" title=\"Home\">Home</a></td>
+			<td width=\"20%\" align=\"center\"><a href=\"./admin.php\" title=\"Administrator\">Admin</a></td>
+			<td width=\"20%\" align=\"center\"><a href=\"report.php\" title=\"Admin logout\">Balance Sheet</a></td>
+			<td width=\"20%\" align=\"center\"><a href=\"randomnumber.php\" title=\"Admin logout\">Number Generator</a></td>
+			<td width=\"20%\" align=\"center\"><a href=\"scores.php\" title=\"Admin logout\">Scores</a></td>
+			<td width=\"20%\" align=\"center\"><a href=\"adminlogout.php\" title=\"Admin logout\">Logout</a></td>
+			</tr>
+		  </table>
+		</p>
+	";
+
+	echo "
+	<h1>Numbers Assignment</h1>
+	<p>To be fair, numbers selection is not allowed until all squares are purchased/selected.</p>
+	<p>Numbers are only allowed to be entered once, either by randomly generated or manually entered.</p>
+	<br/>
+	";
+
+	// makesure all squares are selected
+	$sql="SELECT * FROM VNSB_squares WHERE `NAME`='AVAILABLE'";
+	$result = mysqli_query($conn,$sql);
+	if ($record = mysqli_fetch_assoc($result)) {
+		echo "<br><h2 style=\"color: #ff0000\">Squares are still available!!!</h2><br>";
+		echo $LINKS;
+		require "footer.inc";
+		exit();
+	}
+
+	// stop if numbers existed
+	$sql="SELECT * FROM VNSB_numbers";
+	$result = mysqli_query($conn,$sql);
+	if ($record = mysqli_fetch_assoc($result)) {
+		echo "<br><h2 style=\"color: #ff0000\">Numbers already exist!!!</h2><br>";
+		echo $LINKS;
+		require "footer.inc";
+		exit();
+	}
+
+	if (isset($RANDOM)) {
+		//unset($RANDOM);  // for testing
+		$NFC = array();
+		$AFC = array();
+		echo "<p><b>Notify everyone via <a href=\"emailall.php\" title=\"Let them know nubmers are picked\">emails</a></b></p>";
+		echo "<h3>RANDOMLY GENERATED NUMBERS</h3>";
+		
+		for ($i=1; $i<=10; $i++) {
+			while (1) {
+				$duplicate = 0;
+				$num=rand(0,9);		
+				for ($x=1; $x<$i; $x++) {
+					if ($NFC[$x]==$num) { $duplicate = 1; }
+				}
+				
+				if ($duplicate==0) {
+					$NFC[$i]=$num;
+					break;
+				}
+			}
+		}
+		
+		for ($i=1; $i<=10; $i++) {
+			while (1) {
+				$duplicate = 0;
+				$num=rand(0,9);		
+				for ($x=1; $x<$i; $x++) {
+					if ($AFC[$x]==$num) { $duplicate = 1; }
+				}
+				
+				if ($duplicate==0) {
+					$AFC[$i]=$num;
+					break;
+				}
+			}
+		}
+		
+		
+		//show table for review
+		echo "<table width=\"95%\" border=\"1\" cellspacing=\"1\" cellpadding=\"5\" style=\"font-family: Verdana,Ariel; font-size: 10px\">
+		  <tr>
+			<td style=\"border-top: none; border-left: none\">&nbsp;</td>";
+		
+			for ($i=1; $i<=10; $i++) {
+				echo "<td align=\"center\">".$NFC_TEAM."&nbsp;<font size=\"3\" color=\"blue\"><strong>".$NFC[$i]."</strong></font></td>";
+			}
+		echo "
+		  </tr>
+		<tr>";
+		
+		$sql="SELECT * FROM VNSB_squares ORDER BY SQUARE";
+		$result = mysqli_query($conn,$sql);
+		if (!$result) {
+			echo mysqli_error();
+			exit;
+		}
+		$cnt_row = 0;
+		$i=0;
+		while ($record = mysqli_fetch_assoc($result)) {	
+			if ($cnt_row==0) {$i++; echo"<td align='center'> $AFC_TEAM<br/><font size='3' color=\"red\"><strong>".$AFC[$i]."</strong></font> </td>";}
+			if ($record['NAME'] == "AVAILABLE") { 
+				echo "<td width='10%' title='only $".$BET."'><a href=\"signup.php?square=".$record['SQUARE']."\">".stripslashes($record['NAME'])."<br/>".$record['SQUARE']."</a></td>";
+			} else if ($record['NAME']!="AVAILABLE" && $record['CONFIRM']==1) {
+				echo "<td width='10%' bgcolor='#99ff66' align='center' title=\"".$record['NOTES']."\"><strong>".stripslashes($record['NAME'])."</strong><br/>Confirmed</td>";
+			} else {
+				echo "<td width='10%' bgcolor='#ff9966' align='center' title=\"".$record['NOTES']."\"><strong>".stripslashes($record['NAME'])."</strong><br/>Pending</td>";
+			}
+			
+			$cnt_row++;
+			if ($cnt_row==10) {
+				$cnt_row=0;
+				echo "</tr><tr>";
+			}
+		}
+		echo "</table>";	
+	} else {
+	?>
+
+	<form action="" method="post">
+	<input type="submit" name="randomnumber" value="Random" title="Auto select numbers randomly"></input>
+	</form>
+
+	<?php
+	}
+
+	// save to database
+	if (isset($RANDOM)) {
+		for ($n=1; $n<=10; $n++) {
+			$sql="INSERT INTO VNSB_numbers (NFC, AFC) VALUES ('".$NFC[$n]."','".$AFC[$n]."')";
+			$result = mysqli_query($conn,$sql);
+			if (!$result) {
+				echo mysqli_error();
+				echo "<p>PROBLEM WRITING NUMBERS INTO DATABASE!</p>";
+				exit;
+			}
+		}
+	}
+
+	echo $LINKS;
+	require "footer.inc";
+}
+?>
+
diff --git a/legacy/report.php b/legacy/report.php
new file mode 100644
index 0000000..2e45561
--- /dev/null
+++ b/legacy/report.php
@@ -0,0 +1,120 @@
+<?php
+@ob_start();
+session_start();
+if (!$_SESSION['VNSB']) { 
+?>
+	<meta http-equiv="Refresh"content="0;url=adminlogin.php">
+<?php
+} 
+?>
+
+<!-- 
+www.vnlisting.com
+Online Super Bowl Squares Script
+Please read the "Readme.txt for license agreement, installation and usage instructions 
+Version: 4.3 	1/29/2019
+-->
+
+<?php
+require_once('config.php');
+
+require "header.inc";
+
+$square = $_POST['square'];
+//$name = $_POST['name'];
+$email = $_POST['email'];
+$notes = $_POST['body'];
+$comments = $_POST['notes'];
+$date = date("Y-m-d h:i:s");
+$confirm = $_POST['confirmation'];
+
+
+$sql = "SELECT main.name,main.notes as comments,main.email, bet * (count( unpaid.confirm ) + count( paid.confirm )) AS 'Total', bet * (count( paid.confirm )) AS 'Paid'
+        FROM VNSB_settings, VNSB_squares main
+        LEFT OUTER JOIN VNSB_squares unpaid ON unpaid.square = main.square AND unpaid.confirm =0
+        LEFT OUTER JOIN VNSB_squares paid ON paid.square = main.square AND paid.confirm =1
+        WHERE main.name <> 'AVAILABLE'
+		GROUP BY main.email, comments
+        ORDER BY main.email";
+
+
+$result = mysqli_query($conn,$sql);
+
+if (!$result)
+{
+   //echo mysql_error();
+   echo "<BR>Sorry, Technical problem occurred... Can't read from database.";
+   exit;
+}
+
+?>
+
+<TABLE border=0 cellpadding=5>
+<?
+
+$cnt_row = 0;
+
+while ($record = mysqli_fetch_assoc($result))
+{
+  if(($cnt_row % 2) == 0)
+  {
+    $color = "#DDDDDD";
+  }
+  else
+  {
+    $color = "#CCCCCC";
+  }
+      
+  if ($cnt_row==0)
+  {
+    ?>
+    <tr>
+	<td valign="top" align="center" bgcolor="#CCCCCC"><b><u>NAME</u></b></td>
+    <td valign="top" align="center" bgcolor="#CCCCCC"><b><u>EMAIL</u></b></td>
+    <td valign="top" align="center" bgcolor="#CCCCCC"><b><u>TOTAL DUE</u></b></td>
+    <td valign="top" align="center" bgcolor="#CCCCCC"><b><u>TOTAL PAID</u></b></td>
+    <td valign="top" align="center" bgcolor="#CCCCCC"><b><u>BALANCE</u></b></td>
+	<td valign="top" align="center" bgcolor="#CCCCCC"><b><u>COMMENTS</u></b></td>
+    </tr>
+    <tr>
+    <td valign="top"  bgcolor="#DDDDDD"><?=$record['name']?></td>
+	<td valign="top"  bgcolor="#DDDDDD"><?=$record['email']?></dt>
+    <td valign="top"  bgcolor="#DDDDDD">$<?=$record['Total']?>.00</td>
+    <td valign="top"  bgcolor="#DDDDDD">$<?=$record['Paid']?>.00</td>
+    <td valign="top"  bgcolor="#DDDDDD"><b>$<?=$record['Total']-$record['Paid']?>.00</b></td>
+	<td valign="top"  bgcolor="#DDDDDD"><b><?=$record['comments']?></b></td>
+    </tr>
+    <?
+  }
+  else
+  {
+    ?>
+    <tr>
+    <td valign="top"  bgcolor=<?=$color?>><?=$record['name']?></td>
+	<td valign="top"  bgcolor=<?=$color?>><?=$record['email']?></td>
+    <td valign="top"  bgcolor=<?=$color?>>$<?=$record['Total']?>.00</td>
+    <td valign="top"  bgcolor=<?=$color?>>$<?=$record['Paid']?>.00</td>
+    <td valign="top"  bgcolor=<?=$color?>><b>$<?=$record['Total']-$record['Paid']?>.00</b></td>
+	<td valign="top"  bgcolor="#DDDDDD"><b><?=$record['comments']?></b></td>
+    </tr>
+    <?
+  }
+  $cnt_row++;
+}
+
+?>
+ </TABLE>
+ <br />
+ <br />
+ <br />
+<table width="50%" border="0" cellspacing="0" cellpadding="0" style="font-family: verdana, arial; font-size: 12px">
+  <tr>
+    <td width="16%"><a href="<?=$sb_URL?>" title="Home">Home</a></td>
+    <td width="16%" align="center"><a href="admin.php" title="Administrator">Admin</a></td>
+    <td width="16%" align="center"><a href="report.php" title="Balance Sheet">Balance Sheet</a></td>
+    <td width="16%" align="center"><a href="randomnumber.php" title="Number Generator">Number Generator</a></td>
+    <td width="16%" align="center"><a href="scores.php" title="Enter scores">Scores</a></td>
+    <td width="16%" align="center"><a href="adminlogout.php" title="Admin logout">Logout</a></td>
+  </tr>
+</table>
+<?php require "footer.inc"; ?>
diff --git a/legacy/schema.sql b/legacy/schema.sql
new file mode 100644
index 0000000..d9935bf
--- /dev/null
+++ b/legacy/schema.sql
@@ -0,0 +1,222 @@
+-- phpMyAdmin SQL Dump
+-- version 2.8.0.1
+-- http://www.phpmyadmin.net
+--
+-- Updated by: djsplice
+-- Date: 1-25-2024
+-- 
+-- Host: custsql-pow13
+-- Generation Time: Dec 13, 2013 at 12:59 AM
+-- Server version: 5.5.32
+-- PHP Version: 4.4.9
+-- 
+-- Database: `superbowl`
+-- 
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `VNSB_numbers`
+-- 
+
+DROP TABLE IF EXISTS `VNSB_numbers`;
+CREATE TABLE IF NOT EXISTS `VNSB_numbers` (
+  `NFC` tinyint(2) DEFAULT NULL,
+  `AFC` tinyint(2) DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COMMENT='Randomly picked numbers';
+
+-- 
+-- Dumping data for table `VNSB_numbers`
+-- 
+
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `VNSB_scores`
+-- 
+
+DROP TABLE IF EXISTS `VNSB_scores`;
+CREATE TABLE IF NOT EXISTS `VNSB_scores` (
+  `ID` tinyint(2) NOT NULL,
+  `NFC_FIRST` tinyint(2) DEFAULT NULL,
+  `AFC_FIRST` tinyint(2) DEFAULT NULL,
+  `NFC_HALF` tinyint(2) DEFAULT NULL,
+  `AFC_HALF` tinyint(2) DEFAULT NULL,
+  `NFC_THIRD` tinyint(2) DEFAULT NULL,
+  `AFC_THIRD` tinyint(2) DEFAULT NULL,
+  `NFC_FINAL` tinyint(2) DEFAULT NULL,
+  `AFC_FINAL` tinyint(2) DEFAULT NULL
+) ENGINE=MyISAM DEFAULT CHARSET=latin1;
+
+-- 
+-- Dumping data for table `VNSB_scores`
+-- 
+
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `VNSB_settings`
+-- 
+
+DROP TABLE IF EXISTS `VNSB_settings`;
+CREATE TABLE IF NOT EXISTS `VNSB_settings` (
+  `sb_title` varchar(26) NOT NULL COMMENT 'Title of Superbowl Squares',
+  `commissioner` varchar(26) NULL COMMENT 'Name of commissioner (ie. Event Commissioner',
+  `sb_event` varchar(26) NULL COMMENT 'Name of Event (ie. Superbowl LII)',
+  `sb_date` varchar(30) NOT NULL DEFAULT '' COMMENT 'Date of Event/Game',
+  `sb_time` varchar(8) NULL COMMENT 'Time of Event/Game',
+  `sb_logo` varchar(30) DEFAULT NULL COMMENT 'Official logo of event',
+  `NFC_team` varchar(30) DEFAULT NULL COMMENT 'NFC team name',
+  `NFC_logo` varchar(30) DEFAULT NULL COMMENT 'NFC team logo',
+  `AFC_team` varchar(30) DEFAULT NULL COMMENT 'AFC team name',
+  `AFC_logo` varchar(30) DEFAULT NULL COMMENT 'AFC team logo',
+  `Bet` varchar(5) NOT NULL DEFAULT '5.00' COMMENT 'Dollar amount per square',
+  `Win_first` tinyint(2) NOT NULL DEFAULT '20' COMMENT 'Percent that goes to winner of 1st quarter',
+  `Win_second` tinyint(2) NOT NULL DEFAULT '25' COMMENT 'Percent that goes to winner of 2nd quarter',
+  `Win_third` tinyint(2) NOT NULL DEFAULT '20' COMMENT 'Percent that goes to winner of 3rd quarter',
+  `Win_final` tinyint(2) NOT NULL DEFAULT '35' COMMENT 'Percent that goes to winner of final score',
+  `Donation_Final` tinyint(2) NOT NULL DEFAULT '0' COMMENT 'Percent that will go to the charity/donation. This can be 0',
+  `Version` char(3) NOT NULL DEFAULT '',
+  `Admin_email` varchar(30) NOT NULL DEFAULT 'admin@email.com' COMMENT 'Admin login email',
+  `Admin_pwd` varchar(8) NOT NULL DEFAULT 'password' COMMENT 'Admin login password',
+  `Grace` int(11) DEFAULT NULL COMMENT 'Grace period for payment in hours',
+  `Venmo` varchar(20) DEFAULT NULL COMMENT 'Venmo address. Start with ''@''',
+  `PayPal` varchar(50) DEFAULT NULL COMMENT 'PayPal link or email address',
+  `CashApp` varchar(50) DEFAULT NULL COMMENT 'CashApp address. Start with ''$''',
+  `Zelle` varchar(50) DEFAULT NULL COMMENT 'Zelle contact address (phone or email)',
+  PRIMARY KEY (`sb_date`)
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COMMENT='Setting for VN SuperBowl Squares';
+
+-- 
+-- Dumping data for table `VNSB_settings`
+-- 
+
+INSERT INTO `VNSB_settings` VALUES ('Host Name', 'Commissioner Name', 'Superbowl LVIII', 'Sunday February 11, 2024', '3:30 PM', 'superbowlnumber.png', 'NFC Team', 'nfc-generic.png', 'AFC Team', 'afc-generic.png', '5.00', 20, 25, 20, 35, 0, '5.1', 'admin@yourdomain.com', 'password', 24, '@venmo', 'paypal@email.com', '$cashapp', 'zelle@email.com');
+
+-- --------------------------------------------------------
+
+-- 
+-- Table structure for table `VNSB_squares`
+-- 
+
+DROP TABLE IF EXISTS `VNSB_squares`;
+CREATE TABLE IF NOT EXISTS `VNSB_squares` (
+  `SQUARE` varchar(15) NOT NULL DEFAULT '',
+  `NAME` varchar(30) NOT NULL DEFAULT 'AVAILABLE',
+  `EMAIL` varchar(45) DEFAULT NULL,
+  `NOTES` text,
+  `DATE` datetime NOT NULL DEFAULT '0000-00-00 00:00:00',
+  `CONFIRM` tinyint(1) NOT NULL DEFAULT '0',
+  `FIRST` tinyint(1) NOT NULL DEFAULT '0',
+  `HALF` tinyint(1) NOT NULL DEFAULT '0',
+  `THIRD` tinyint(1) NOT NULL DEFAULT '0',
+  `FINAL` tinyint(1) NOT NULL DEFAULT '0',
+  UNIQUE KEY `SQUARE` (`SQUARE`)
+) ENGINE=MyISAM DEFAULT CHARSET=latin1 COMMENT='Super Bowl Squares';
+
+-- 
+-- Dumping data for table `VNSB_squares`
+-- 
+
+INSERT INTO `VNSB_squares` VALUES ('00', 'AVAILABLE', NULL, NULL, '2013-01-14 01:56:43', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('01', 'AVAILABLE', NULL, NULL, '2013-01-15 12:10:16', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('02', 'AVAILABLE', NULL, NULL, '2013-01-09 11:53:47', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('03', 'AVAILABLE', NULL, NULL, '2013-01-15 08:41:10', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('04', 'AVAILABLE', NULL, NULL, '2013-01-14 01:52:22', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('05', 'AVAILABLE', NULL, NULL, '2013-01-08 12:45:49', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('06', 'AVAILABLE', NULL, NULL, '2013-01-21 12:38:27', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('07', 'AVAILABLE', NULL, NULL, '2013-01-18 02:49:41', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('08', 'AVAILABLE', NULL, NULL, '2013-01-14 01:23:21', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('09', 'AVAILABLE', NULL, NULL, '2013-01-14 02:30:08', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('10', 'AVAILABLE', NULL, NULL, '2013-01-08 12:58:53', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('11', 'AVAILABLE', NULL, NULL, '2013-01-08 04:34:09', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('12', 'AVAILABLE', NULL, NULL, '2013-01-08 03:53:14', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('13', 'AVAILABLE', NULL, NULL, '2013-01-14 04:26:08', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('14', 'AVAILABLE', NULL, NULL, '2013-01-20 10:03:29', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('15', 'AVAILABLE', NULL, NULL, '2013-01-13 02:31:36', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('16', 'AVAILABLE', NULL, NULL, '2013-01-14 02:18:40', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('17', 'AVAILABLE', NULL, NULL, '2013-01-14 01:36:04', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('18', 'AVAILABLE', NULL, NULL, '2013-01-14 08:48:40', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('19', 'AVAILABLE', NULL, NULL, '2013-01-20 07:02:59', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('20', 'AVAILABLE', NULL, NULL, '2013-01-15 08:41:10', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('21', 'AVAILABLE', NULL, NULL, '2013-01-08 12:45:49', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('22', 'AVAILABLE', NULL, NULL, '2013-01-09 11:53:47', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('23', 'AVAILABLE', NULL, NULL, '2013-01-08 03:53:33', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('24', 'AVAILABLE', NULL, NULL, '2013-01-08 12:58:53', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('25', 'AVAILABLE', NULL, NULL, '2013-01-20 10:03:50', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('26', 'AVAILABLE', NULL, NULL, '2013-01-16 07:36:01', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('27', 'AVAILABLE', NULL, NULL, '2013-01-08 12:45:49', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('28', 'AVAILABLE', NULL, NULL, '2013-01-18 03:16:41', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('29', 'AVAILABLE', NULL, NULL, '2013-01-20 08:44:30', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('30', 'AVAILABLE', NULL, NULL, '2013-01-22 02:21:03', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('31', 'AVAILABLE', NULL, NULL, '2013-01-22 02:21:03', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('32', 'AVAILABLE', NULL, NULL, '2013-01-13 02:31:36', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('33', 'AVAILABLE', NULL, NULL, '2013-01-08 04:34:09', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('34', 'AVAILABLE', NULL, NULL, '2013-01-15 12:10:16', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('35', 'AVAILABLE', NULL, NULL, '2013-01-14 02:30:08', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('36', 'AVAILABLE', NULL, NULL, '2013-01-20 10:04:10', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('37', 'AVAILABLE', NULL, NULL, '2013-01-15 12:25:05', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('38', 'AVAILABLE', NULL, NULL, '2013-01-20 10:46:57', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('39', 'AVAILABLE', NULL, NULL, '2013-01-14 04:04:01', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('40', 'AVAILABLE', NULL, NULL, '2013-01-14 01:52:22', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('41', 'AVAILABLE', NULL, NULL, '2013-01-15 08:41:10', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('42', 'AVAILABLE', NULL, NULL, '2013-01-14 02:18:40', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('43', 'AVAILABLE', NULL, NULL, '2013-01-14 02:30:08', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('44', 'AVAILABLE', NULL, NULL, '2013-01-11 07:25:05', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('45', 'AVAILABLE', NULL, NULL, '2013-01-14 01:36:40', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('46', 'AVAILABLE', NULL, NULL, '2013-01-08 02:11:23', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('47', 'AVAILABLE', NULL, NULL, '2013-01-14 01:56:43', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('48', 'AVAILABLE', NULL, NULL, '2013-01-14 04:26:08', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('49', 'AVAILABLE', NULL, NULL, '2013-01-14 01:52:22', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('50', 'AVAILABLE', NULL, NULL, '2013-01-20 07:02:59', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('51', 'AVAILABLE', NULL, NULL, '2013-01-20 08:32:44', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('52', 'AVAILABLE', NULL, NULL, '2013-01-15 12:10:16', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('53', 'AVAILABLE', NULL, NULL, '2013-01-15 10:03:13', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('54', 'AVAILABLE', NULL, NULL, '2013-01-14 01:36:40', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('55', 'AVAILABLE', NULL, NULL, '2013-01-11 07:25:05', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('56', 'AVAILABLE', NULL, NULL, '2013-01-15 12:10:16', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('57', 'AVAILABLE', NULL, NULL, '2013-01-21 12:39:03', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('58', 'AVAILABLE', NULL, NULL, '2013-01-21 09:11:27', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('59', 'AVAILABLE', NULL, NULL, '2013-01-18 03:16:41', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('60', 'AVAILABLE', NULL, NULL, '2013-01-14 02:30:08', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('61', 'AVAILABLE', NULL, NULL, '2013-01-22 02:21:03', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('62', 'AVAILABLE', NULL, NULL, '2013-01-08 12:58:53', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('63', 'AVAILABLE', NULL, NULL, '2013-01-14 01:36:40', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('64', 'AVAILABLE', NULL, NULL, '2013-01-14 04:08:24', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('65', 'AVAILABLE', NULL, NULL, '2013-01-15 10:03:13', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('66', 'AVAILABLE', NULL, NULL, '2013-01-08 03:53:58', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('67', 'AVAILABLE', NULL, NULL, '2013-01-15 08:41:10', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('68', 'AVAILABLE', NULL, NULL, '2013-01-08 12:58:53', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('69', 'AVAILABLE', NULL, NULL, '2013-01-18 02:49:41', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('70', 'AVAILABLE', NULL, NULL, '2013-01-15 12:25:05', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('71', 'AVAILABLE', NULL, NULL, '2013-01-21 12:37:39', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('72', 'AVAILABLE', NULL, NULL, '2013-01-14 01:36:40', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('73', 'AVAILABLE', NULL, NULL, '2013-01-08 02:11:23', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('74', 'AVAILABLE', NULL, NULL, '2013-01-16 07:36:01', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('75', 'AVAILABLE', NULL, NULL, '2013-01-14 04:04:01', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('76', 'AVAILABLE', NULL, NULL, '2013-01-18 03:16:41', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('77', 'AVAILABLE', NULL, NULL, '2013-01-08 03:54:15', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('78', 'AVAILABLE', NULL, NULL, '2013-01-20 10:46:57', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('79', 'AVAILABLE', NULL, NULL, '2013-01-08 07:00:57', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('80', 'AVAILABLE', NULL, NULL, '2013-01-14 01:23:21', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('81', 'AVAILABLE', NULL, NULL, '2013-01-14 04:26:08', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('82', 'AVAILABLE', NULL, NULL, '2013-01-21 12:36:55', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('83', 'AVAILABLE', NULL, NULL, '2013-01-18 03:16:41', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('84', 'AVAILABLE', NULL, NULL, '2013-01-20 08:32:44', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('85', 'AVAILABLE', NULL, NULL, '2013-01-20 08:44:30', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('86', 'AVAILABLE', NULL, NULL, '2013-01-18 02:49:41', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('87', 'AVAILABLE', NULL, NULL, '2013-01-20 07:02:59', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('88', 'AVAILABLE', NULL, NULL, '2013-01-08 03:54:33', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('89', 'AVAILABLE', NULL, NULL, '2013-01-15 12:10:16', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('90', 'AVAILABLE', NULL, NULL, '2013-01-09 11:53:47', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('91', 'AVAILABLE', NULL, NULL, '2013-01-14 08:48:40', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('92', 'AVAILABLE', NULL, NULL, '2013-01-14 04:04:01', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('93', 'AVAILABLE', NULL, NULL, '2013-01-20 07:02:59', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('94', 'AVAILABLE', NULL, NULL, '2013-01-14 01:52:22', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('95', 'AVAILABLE', NULL, NULL, '2013-01-14 01:36:04', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('96', 'AVAILABLE', NULL, NULL, '2013-01-14 04:26:08', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('97', 'AVAILABLE', NULL, NULL, '2013-01-15 08:41:10', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('98', 'AVAILABLE', NULL, NULL, '2013-01-15 12:10:16', 0, 0, 0, 0, 0);
+INSERT INTO `VNSB_squares` VALUES ('99', 'AVAILABLE', NULL, NULL, '2013-01-14 02:30:08', 0, 0, 0, 0, 0);
\ No newline at end of file
diff --git a/legacy/scores.php b/legacy/scores.php
new file mode 100644
index 0000000..8d34cf1
--- /dev/null
+++ b/legacy/scores.php
@@ -0,0 +1,254 @@
+<?php
+// Start session at the very beginning
+session_start();
+
+// Check if the session variable exists
+if (!isset($_SESSION['VNSB']) || empty($_SESSION['VNSB'])) {
+    // Redirect to login page
+    header("Location: adminlogin.php");
+    exit();
+}
+
+// Function to send email notifications
+function email_notify($mailto) {
+    global $ADMIN_EMAIL, $SB_DATE;
+
+    $mail_headers = "From: $ADMIN_EMAIL\r\n";
+    $mail_subject = "Super Bowl Squares :: You are the winner";
+    $mailmessage = "\r\nCongratulations\r\n";
+    $mailmessage .= "You are the lucky winner for our Super Bowl Squares for $SB_DATE \r\n\n";
+    $mailmessage .= "Contact us to collect your winning.\r\n";
+    $mailmessage .= "The Commissioner\r\n";
+
+    mail($mailto, $mail_subject, $mailmessage, $mail_headers);
+}
+
+// Include configuration and header files
+require_once 'config.php';
+require 'header.inc';
+
+// Initialize arrays
+$NFC = [];
+$AFC = [];
+$NAME = [];
+$EMAIL = [];
+
+// Process form data
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['addscores'])) {
+    $NFC_1 = $_POST['NFC_1'] ?? '';
+    $NFC_2 = $_POST['NFC_2'] ?? '';
+    $NFC_3 = $_POST['NFC_3'] ?? '';
+    $NFC_4 = $_POST['NFC_4'] ?? '';
+    $AFC_1 = $_POST['AFC_1'] ?? '';
+    $AFC_2 = $_POST['AFC_2'] ?? '';
+    $AFC_3 = $_POST['AFC_3'] ?? '';
+    $AFC_4 = $_POST['AFC_4'] ?? '';
+
+    // Insert scores into the database
+    $sql = "INSERT INTO `VNSB_scores` VALUES (NULL, ?, ?, ?, ?, ?, ?, ?, ?)";
+    $stmt = mysqli_prepare($conn, $sql);
+    mysqli_stmt_bind_param($stmt, 'ssssssss', $NFC_1, $AFC_1, $NFC_2, $AFC_2, $NFC_3, $AFC_3, $NFC_4, $AFC_4);
+    if (!mysqli_stmt_execute($stmt)) {
+        echo "<p>Sorry, a technical problem occurred. Scores were not added.</p>" . mysqli_error($conn);
+    }
+    mysqli_stmt_close($stmt);
+}
+
+// Fetch the latest scores
+$sql = "SELECT * FROM `VNSB_scores` ORDER BY ID DESC LIMIT 1";
+$result = mysqli_query($conn, $sql);
+if (!$result) {
+    die("ERROR: Unable to read record from 'VNSB_scores'!<br>" . mysqli_error($conn));
+}
+
+$scores = mysqli_fetch_assoc($result);
+$NFC_FIRST = $scores['NFC_FIRST'] ?? '';
+$AFC_FIRST = $scores['AFC_FIRST'] ?? '';
+$NFC_HALF = $scores['NFC_HALF'] ?? '';
+$AFC_HALF = $scores['AFC_HALF'] ?? '';
+$NFC_THIRD = $scores['NFC_THIRD'] ?? '';
+$AFC_THIRD = $scores['AFC_THIRD'] ?? '';
+$NFC_FINAL = $scores['NFC_FINAL'] ?? '';
+$AFC_FINAL = $scores['AFC_FINAL'] ?? '';
+
+$ADD_SCORES = ($NFC_FINAL === NULL || $AFC_FINAL === NULL) ? 1 : 0;
+
+// Fetch assigned numbers
+$sql = "SELECT * FROM VNSB_numbers";
+$result = mysqli_query($conn, $sql);
+if (!$result) {
+    die("ERROR: Unable to read records from 'VNSB_numbers'!<br>" . mysqli_error($conn));
+}
+
+$cnt = 0;
+while ($record = mysqli_fetch_assoc($result)) {
+    $cnt++;
+    $NFC[$cnt] = $record['NFC'];
+    $AFC[$cnt] = $record['AFC'];
+}
+
+// Fetch names for each square
+$sql = "SELECT * FROM VNSB_squares";
+$result = mysqli_query($conn, $sql);
+if (!$result) {
+    die("ERROR: Unable to read records from 'VNSB_squares'!<br>" . mysqli_error($conn));
+}
+
+while ($record = mysqli_fetch_assoc($result)) {
+    $NAME[$record['SQUARE']] = $record['NAME'];
+    $EMAIL[$record['SQUARE']] = $record['EMAIL'];
+}
+
+// Display the form for adding scores
+if ($ADD_SCORES) {
+    ?>
+    <form method="post" action="">
+        <table width="" cellpadding="0" cellspacing="10" style="font-family: Verdana,Ariel; font-size: 12px">
+            <tr>
+                <td align="center" colspan="5" style="font-weight:bold;">QUARTERLY SCORES</td>
+            </tr>
+            <tr>
+                <td align="right" valign="bottom" style="color:#232b85; font-weight:bold"><?= htmlspecialchars($NFC_TEAM) ?></td>
+                <td align="center" style="font-weight:bold;">First<br>
+                    <input type="text" name="NFC_1" size="5" maxlength="2" value="<?= htmlspecialchars($NFC_FIRST) ?>">
+                </td>
+                <td align="center" style="font-weight:bold;">Half<br>
+                    <input type="text" name="NFC_2" size="5" maxlength="2" value="<?= htmlspecialchars($NFC_HALF) ?>">
+                </td>
+                <td align="center" style="font-weight:bold;">Third<br>
+                    <input type="text" name="NFC_3" size="5" maxlength="2" value="<?= htmlspecialchars($NFC_THIRD) ?>">
+                </td>
+                <td align="center" style="font-weight:bold;">Final<br>
+                    <input type="text" name="NFC_4" size="5" maxlength="2" value="<?= htmlspecialchars($NFC_FINAL) ?>">
+                </td>
+            </tr>
+            <tr>
+                <td align="right" style="color:#db2824; font-weight:bold"><?= htmlspecialchars($AFC_TEAM) ?></td>
+                <td style="font-weight:bold;"><input type="text" name="AFC_1" size="5" maxlength="2" value="<?= htmlspecialchars($AFC_FIRST) ?>"></td>
+                <td style="font-weight:bold;"><input type="text" name="AFC_2" size="5" maxlength="2" value="<?= htmlspecialchars($AFC_HALF) ?>"></td>
+                <td style="font-weight:bold;"><input type="text" name="AFC_3" size="5" maxlength="2" value="<?= htmlspecialchars($AFC_THIRD) ?>"></td>
+                <td style="font-weight:bold;"><input type="text" name="AFC_4" size="5" maxlength="2" value="<?= htmlspecialchars($AFC_FINAL) ?>"></td>
+            </tr>
+            <tr>
+                <td align="center" colspan="5">
+                    <input type="submit" name="addscores" value="Submit">
+                </td>
+            </tr>
+        </table>
+    </form>
+    <?php
+}
+
+// Fetch settings
+$sql = "SELECT * FROM VNSB_settings";
+$result = mysqli_query($conn, $sql);
+if ($record = mysqli_fetch_assoc($result)) {
+    $BET = $record['Bet'];
+    $WIN_FIRST = $record['Win_first'];
+    $WIN_SECOND = $record['Win_second'];
+    $WIN_THIRD = $record['Win_third'];
+    $WIN_FINAL = $record['Win_final'];
+    $FIRST = (100 * (int)$BET) * ((int)$WIN_FIRST / 100);
+    $SECOND = (100 * (int)$BET) * ((int)$WIN_SECOND / 100);
+    $THIRD = (100 * (int)$BET) * ((int)$WIN_THIRD / 100);
+    $FINAL = (100 * (int)$BET) * ((int)$WIN_FINAL / 100);
+} else {
+    echo mysqli_error($conn);
+    exit;
+}
+?>
+
+<!-- Display payout table -->
+<table width="50%" style="font-family: Verdana,Ariel; font-size: 12px; border: #009900 1px solid">
+    <tr>
+        <td colspan="4" align="center"><strong>The Payout:</strong></td>
+    </tr>
+    <tr>
+        <td>
+            <li>End of first quarter: </li>
+            <li>End of second quarter: </li>
+            <li>End of third quarter: </li>
+            <li>Final Score: </li>
+        </td>
+        <td>
+            <dt><strong><font color="#232B85"><?= htmlspecialchars($NFC_FIRST) ?></font> &nbsp;&nbsp;&nbsp; <font color="#DB2824"><?= htmlspecialchars($AFC_FIRST) ?></font></strong></dt>
+            <dt><strong><font color="#232B85"><?= htmlspecialchars($NFC_HALF) ?></font> &nbsp;&nbsp;&nbsp; <font color="#DB2824"><?= htmlspecialchars($AFC_HALF) ?></font></strong></dt>
+            <dt><strong><font color="#232B85"><?= htmlspecialchars($NFC_THIRD) ?></font> &nbsp;&nbsp;&nbsp; <font color="#DB2824"><?= htmlspecialchars($AFC_THIRD) ?></font></strong></dt>
+            <dt><strong><font color="#232B85"><?= htmlspecialchars($NFC_FINAL) ?></font> &nbsp;&nbsp;&nbsp; <font color="#DB2824"><?= htmlspecialchars($AFC_FINAL) ?></font></strong></dt>
+        </td>
+        <td>
+            <dt><?= htmlspecialchars($WIN_FIRST) ?>%</dt>
+            <dt><?= htmlspecialchars($WIN_SECOND) ?>%</dt>
+            <dt><?= htmlspecialchars($WIN_THIRD) ?>%</dt>
+            <dt><?= htmlspecialchars($WIN_FINAL) ?>%</dt>
+        </td>
+        <td width="15%" align="right" style="font-weight: 600px">
+            <dt><strong>$<?= htmlspecialchars($FIRST) ?></strong></dt>
+            <dt><strong>$<?= htmlspecialchars($SECOND) ?></strong></dt>
+            <dt><strong>$<?= htmlspecialchars($THIRD) ?></strong></dt>
+            <dt><strong>$<?= htmlspecialchars($FINAL) ?></strong></dt>
+        </td>
+    </tr>
+</table>
+
+<!-- Notify winners -->
+<p>
+    <a href="<?= htmlspecialchars($_SERVER['REQUEST_URI']) ?>?m=yes">Email Winners</a>
+</p>
+
+<?php
+// Notify winners logic
+if (isset($_GET['m']) && $_GET['m'] === 'yes') {
+    $cnt = 0;
+    for ($y = 1; $y <= 10; $y++) {
+        for ($x = 1; $x <= 10; $x++) {
+            $square = ($cnt < 10) ? "0$cnt" : $cnt;
+            if (($NFC[$x] == substr($NFC_FIRST, -1)) && ($AFC[$y] == substr($AFC_FIRST, -1)) && ($NFC_FIRST && $AFC_FIRST)) {
+                echo "<p>1st Quarter Winner ($NFC[$x],$AFC[$y]) &nbsp;&nbsp;&nbsp; Square #$square (" . htmlspecialchars($NAME[$square]) . ")</p>";
+                mysqli_query($conn, "UPDATE VNSB_squares SET FIRST='1' WHERE SQUARE='$square' LIMIT 1");
+                if ($_GET['m'] === 'yes') {
+                    email_notify($EMAIL[$square]);
+                }
+            }
+            if (($NFC[$x] == substr($NFC_HALF, -1)) && ($AFC[$y] == substr($AFC_HALF, -1)) && ($NFC_HALF && $AFC_HALF)) {
+                echo "<p>Halftime Winner ($NFC[$x],$AFC[$y]) &nbsp;&nbsp;&nbsp; Square #$square (" . htmlspecialchars($NAME[$square]) . ")</p>";
+                mysqli_query($conn, "UPDATE VNSB_squares SET HALF='1' WHERE SQUARE='$square' LIMIT 1");
+                if ($_GET['m'] === 'yes') {
+                    email_notify($EMAIL[$square]);
+                }
+            }
+            if (($NFC[$x] == substr($NFC_THIRD, -1)) && ($AFC[$y] == substr($AFC_THIRD, -1)) && ($NFC_THIRD && $AFC_THIRD)) {
+                echo "<p>3rd Quarter Winner ($NFC[$x],$AFC[$y]) &nbsp;&nbsp;&nbsp; Square #$square (" . htmlspecialchars($NAME[$square]) . ")</p>";
+                mysqli_query($conn, "UPDATE VNSB_squares SET THIRD='1' WHERE SQUARE='$square' LIMIT 1");
+                if ($_GET['m'] === 'yes') {
+                    email_notify($EMAIL[$square]);
+                }
+            }
+            if (($NFC[$x] == substr($NFC_FINAL, -1)) && ($AFC[$y] == substr($AFC_FINAL, -1)) && ($NFC_FINAL && $AFC_FINAL)) {
+                echo "<p>Final Winner ($NFC[$x],$AFC[$y]) &nbsp;&nbsp;&nbsp; Square #$square (" . htmlspecialchars($NAME[$square]) . ")</p>";
+                mysqli_query($conn, "UPDATE VNSB_squares SET FINAL='1' WHERE SQUARE='$square' LIMIT 1");
+                if ($_GET['m'] === 'yes') {
+                    email_notify($EMAIL[$square]);
+                }
+            }
+            $cnt++;
+        }
+    }
+}
+?>
+
+<!-- Footer links -->
+<p><br><br>
+<table width="50%" border="0" cellspacing="0" cellpadding="0" style="font-family: verdana, arial; font-size: 12px">
+    <tr>
+        <td width="16%"><a href="<?= htmlspecialchars($superbowlURL) ?>" title="Home">Home</a></td>
+        <td width="16%" align="center"><a href="admin.php" title="Administrator">Admin</a></td>
+        <td width="16%" align="center"><a href="report.php" title="Balance Sheet">Balance Sheet</a></td>
+        <td width="16%" align="center"><a href="randomnumber.php" title="Number Generator">Number Generator</a></td>
+        <td width="16%" align="center"><a href="scores.php" title="Enter scores">Scores</a></td>
+        <td width="16%" align="center"><a href="adminlogout.php" title="Admin logout">Logout</a></td>
+    </tr>
+</table>
+</p>
+
+<?php require "footer.inc"; ?>
\ No newline at end of file
diff --git a/legacy/signup.php b/legacy/signup.php
new file mode 100644
index 0000000..af2c847
--- /dev/null
+++ b/legacy/signup.php
@@ -0,0 +1,67 @@
+<!-- 
+www.vnlisting.com
+Online Super Bowl Squares Script
+Please read the "Readme.txt for license agreement, installation and usage instructions 
+-->
+
+<?php
+require_once('config.php'); 
+require "header.inc";
+
+$sb_URL = $record['sb_URL'];
+$commissioner = $record['commissioner'];
+$Admin_email = $record['Admin_email'];
+$Grace = $record['Grace'];
+?>
+
+<h3>SQUARE SELECTION</h3>
+<table width="50%" cellpadding="5" style="font-family: verdana, arial; border: #FFCC99 1px solid">
+<tr> 
+  <td width="" align="center" valign="top" style="font-size: 11px"> 
+  	<h2><strong>You are signing up for square(s): <font color="#ff0000">
+	<form name="signup"  action="thankyou.php" method="post">
+<?php 
+if ( isset($_REQUEST['sqSelect_Submit']) ) {
+	$SQ=0;
+	$SQcount = 100;
+	for ($i=0;$i<$SQcount;$i++) {
+		if ($i<10) { $SQarray[$i] = $_POST["sqNum_0$i"]; }
+		else { $SQarray[$i] = $_POST["sqNum_$i"]; }
+		if ( isset($SQarray[$i]) ) { 
+			$SQ++;
+			echo $SQarray[$i]." "; 
+			echo ('<input type="hidden" name="square_'.$SQ.'" value="'.$SQarray[$i].'">');
+			echo ('<input type="hidden" name="sqTotal" value="'.$SQ.'">');
+			if ( $SQ == 10 ) { echo "<p>Maximum of 10 Squares per selection</p>"; break; } // limit to 10
+		}
+	}
+	
+	if ( $SQ==0 ) { 
+		echo "<p style=\"font-size:12px; color:#000000\">You must select at least one square to continue!</p>"; 
+		echo "<p><a href=\"".$sb_URL."\" title=\"Online Superbowl Squares\">Home</a></p>";
+		exit;
+	}
+}
+ ?>
+ 	</font></strong></h2>
+  	<!--<h2><strong>You are signing up for square(s): <font color="#ff0000"><?=$square_select?></font></strong></h2>-->
+	<!--<form name="signup"  action="thankyou.php" method="post">-->
+	  <p><b>Full Name</b> <br/><input type=text name="realname" size="30" value=""></p>
+	  <p><b>Email</b><br/><input type=text name="email" size="30" maxlength="45" value=""></p>
+	  <p><b>Note to the Commissioner:</b><br/> 
+		<textarea name="body" rows="1" cols="60" wrap="virtual" style="font-family: verdana, arial; font-size: 10px"></textarea>
+	  </p>
+	  <p>You have <?=$Grace?> hours to make your payment or your square may be released.<br/>
+	  Please make payment to <?=$commissioner?> via the defined methods in the Rules section or contact <?=$Admin_email?><br/>
+	  <input type="submit" value="Submit"></p>
+
+	  <!--<input type="hidden" name="square" value="<?=$square_select?>">-->
+	  <input type="hidden" name="confirmation" value="0"></input> 
+	</form>
+	</td>
+</tr>
+</table>
+<p style="font-family: verdana, arial; font-size: 12px">
+	<a href="<?=$sb_URL?>" title="Online Superbowl Squares">Home</a>
+</p>
+<?php require "footer.inc"; ?>
diff --git a/legacy/thankyou.php b/legacy/thankyou.php
new file mode 100644
index 0000000..eb1b83b
--- /dev/null
+++ b/legacy/thankyou.php
@@ -0,0 +1,142 @@
+<!-- 
+www.vnlisting.com
+Online Super Bowl Squares Script
+Please read the "Readme.txt for license agreement, installation and usage instructions 
+-->
+
+
+<?php
+error_reporting(E_ALL);
+ini_set('display_errors', 1);
+
+require_once('config.php'); 
+require "header.inc";
+
+//$square = $_POST['square'];
+$sqTotal = $_POST["sqTotal"];
+for ($i=1;$i<=$sqTotal;$i++) {
+$sqSelect[$i] = $_POST["square_$i"];
+//echo $sqSelect[$i];
+}
+
+$name = $_POST['realname'];
+$email = $_POST['email'];
+$Bet = $record['Bet'];
+$notes = $_POST['body'];
+$date = date("Y-m-d h:i:s");
+$confirm = $_POST['confirmation'];
+$sb_URL = $record['sb_URL'];
+$commissioner = $record['commissioner'];
+$Grace = $record['Grace'];
+$Zelle = $record['Zelle'];
+$PayPal = $record['PayPal'];
+$Venmo = $record['Venmo'];
+$CashApp = $record['CashApp'];
+
+for ($i=1;$i<=$sqTotal;$i++) {
+$sql="SELECT * FROM VNSB_squares WHERE SQUARE='".$sqSelect[$i]."'";
+$result = mysqli_query($conn,$sql);
+if (!$result) {
+	//echo mysql_error();
+	echo "\n\n\t***** Invalid square selected *****\n\n";
+	echo "<a href='javascript:onClick=history.go(-2);'>Back</a>";
+	exit;
+} else {
+	$record = mysqli_fetch_assoc($result);
+}
+}
+//continue only if the square is available
+if ($record['DATE'] == "0000-00-00 00:00:00") {
+
+
+//check for required fields
+for ($i=1;$i<=$sqTotal;$i++) {
+if (($sqSelect[$i] >= 00 OR $sqSelect[$i] < 100) AND $name != '' AND $email != '') {
+
+	$sql="UPDATE VNSB_squares SET NAME='".$name."', EMAIL='".$email."', NOTES='".$notes."', DATE='".$date."', CONFIRM='".$confirm."' WHERE SQUARE='".$sqSelect[$i]."' LIMIT 1";
+	$result = mysqli_query($conn, $sql);
+	if (!$result) {
+		echo mysqli_error();
+		echo "<BR>Sorry, Technical problem occurred... your selection was not added.<br><br> Email this problem to <a href=\"mailto:".$ADMIN_EMAIL."\">".$ADMIN_EMAIL."</a>";
+		exit;
+	}
+} else {
+	echo "<p align='center'><br/><font color='#ff0000', size='3'>Required fields are missing!</font><br/><br/><a href='javascript:onClick=history.go(-1);'>Back</a></p>";
+	exit;
+}
+}
+
+//email
+    $headers = "From: $commissioner <$ADMIN_EMAIL>\r\nBcc: $commissioner <$ADMIN_EMAIL>\r\n";
+function notify_admin ($mailto, $mailmessage, $mail_headers)
+{
+	mail("$mailto", "Super Bowl Squares", "$mailmessage", "$mail_headers");
+}
+
+$selectedSQUARES="";
+for ($i=1;$i<=$sqTotal;$i++) { $selectedSQUARES .= $sqSelect[$i]." "; }
+?>
+
+<table width="60%" cellspacing="0" cellpadding="0" style="border: #FFCC99 1px solid; font-family:verdana, arial; font-size:12px; font-color:#0033cc">
+	<tr>
+		<td align="center">
+			<p><font size="4" color="#ffcc00"><h2>GOOD LUCK</h2></font></p>				
+			<p>Your request has been recieved and an email was sent to your email address given <b>(Please check your junk/spam folder)</b>.</p>
+			<p>The square(s) <strong><font color="#ff0000"><?=$selectedSQUARES?></font></strong> is (are) temporary reserved in your name "<font color="#ff0000"><?=$name?></font>", pending confirmation.</p>
+			<p>Please make payment via one of the methods below as soon as possible as to not lose your square!</p>
+		<td align="center">
+	<tr>
+		<td>
+		<br></br>
+			<p><strong>Remember the Rules:</strong></p>
+			<ul>
+			<li><strong><font color="#ff0000">$<?=$Bet?></font></strong> Per square </li>
+			<li>You can buy as many squares as you want</li>
+			<li><strong>Your square(s) is/are not guaranteed until your payment is verified within <?=$Grace?>hours</strong></li>
+			<li>Numbers will be randomly drawn and assigned after all squares are taken</li>
+			<li>When confirmed, your square(s) will be changed to&nbsp;<span style="color: #009900;"><strong>GREEN</strong></span></li>
+			<li>Please make payment via the following:
+			<ul>
+            <li><b>Cash</b></li>
+            <li><b>Zelle:</b> <?=$Zelle?></li>
+            <li><b>PayPal:</b> <?=$PayPal?>  (Use 'Friends and Family')</li>
+            <li><b>Venmo:</b> <?=$Venmo?></li>
+            <li><b>CashApp:</b> <?=$CashApp?></li>
+			</ul>
+		</td>
+		</tr>
+	<tr>
+		<td>
+			<p>Good Luck and enjoy the game!</p>
+			<p>- <?=$commissioner?></p>
+			<!-- <p>You may make your payment thru Paypal if you preferred. <br/>There will be an additional $1 for each payment up to $20 to cover the charges by Paypal.</p> -->
+			<br/><br/>
+		</td>
+	</tr>
+</table>
+
+<p style="font-family: verdana, arial; font-size: 12px">
+	<a href="<?=$sb_URL?>" title="Online Superbowl Squares">Home</a>
+</p>
+
+<?php
+$bodyMessage = "\nREMINDER:\r\n";
+$bodyMessage .= "Square(s) $selectedSQUARES is(are) temporary reserved in your name \"$name\", pending confirmation.\r\n";
+$bodyMessage .= "IF YOUR PAYMENT CAN NOT BE VERIFIED WITHIN \"$Grace\" HOURS, YOU MAY LOSE YOUR SQUARE(S).\r\n\n";
+$bodyMessage .= "Good Luck and enjoy the game!\r\n";
+$bodyMessage .= "- $commissioner\r\n\n";
+$bodyMessage .= "$sb_URL\r\n\n";
+//$bodyMessage .= "You may make your payment thru Paypal if you like. \rThere will be an additional $1 for each payment up to $20 to cover the charges by Paypal.\r\n";
+$bodyMessage .= "\r\n\nNote to the commissioner:\r\n";
+$bodyMessage .= $notes."\r\n\n";
+
+notify_admin($email,$bodyMessage,$headers);
+
+require "footer.inc"; ?>
+
+<?php
+} else {
+	echo "<p align='center'><font color='#ff0000', size='3'><b>$square</b> is NOT available!  Someone must have just selected that same square.<br/></font><br/>Please go <a href='javascript:onClick=history.go(-2);'>back</a> and select another square.</p>";
+	exit;
+}
+?>
\ No newline at end of file
diff --git a/next.config.js b/next.config.js
new file mode 100644
index 0000000..c25e874
--- /dev/null
+++ b/next.config.js
@@ -0,0 +1,12 @@
+/** @type {import('next').NextConfig} */
+const nextConfig = {
+  output: 'standalone',
+  experimental: {
+    serverComponentsExternalPackages: ['nodemailer'],
+  },
+  images: {
+    unoptimized: true,
+  },
+};
+
+module.exports = nextConfig;
diff --git a/package-lock.json b/package-lock.json
new file mode 100644
index 0000000..c6b4da6
--- /dev/null
+++ b/package-lock.json
@@ -0,0 +1,2857 @@
+{
+  "name": "superbowl-squares",
+  "version": "1.0.0",
+  "lockfileVersion": 3,
+  "requires": true,
+  "packages": {
+    "": {
+      "name": "superbowl-squares",
+      "version": "1.0.0",
+      "hasInstallScript": true,
+      "dependencies": {
+        "@prisma/client": "^6.3.0",
+        "bcryptjs": "^2.4.3",
+        "emoji-mart": "^5.6.0",
+        "next": "^14.2.21",
+        "next-auth": "^4.24.11",
+        "nodemailer": "^7.0.7",
+        "react": "^18.3.1",
+        "react-dom": "^18.3.1",
+        "ws": "^8.18.0",
+        "zod": "^3.24.1"
+      },
+      "devDependencies": {
+        "@types/bcryptjs": "^2.4.6",
+        "@types/node": "^22.10.0",
+        "@types/nodemailer": "^6.4.17",
+        "@types/react": "^18.3.12",
+        "@types/react-dom": "^18.3.1",
+        "@types/ws": "^8.5.13",
+        "autoprefixer": "^10.4.20",
+        "postcss": "^8.4.49",
+        "prisma": "^6.3.0",
+        "tailwindcss": "^3.4.16",
+        "tsx": "^4.19.2",
+        "typescript": "^5.7.2"
+      }
+    },
+    "node_modules/@alloc/quick-lru": {
+      "version": "5.2.0",
+      "resolved": "https://registry.npmjs.org/@alloc/quick-lru/-/quick-lru-5.2.0.tgz",
+      "integrity": "sha512-UrcABB+4bUrFABwbluTIBErXwvbsU/V7TZWfmbgJfbkwiBuziS9gxdODUyuiecfdGQ85jglMW6juS3+z5TsKLw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=10"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/@babel/runtime": {
+      "version": "7.28.6",
+      "resolved": "https://registry.npmjs.org/@babel/runtime/-/runtime-7.28.6.tgz",
+      "integrity": "sha512-05WQkdpL9COIMz4LjTxGpPNCdlpyimKppYNoJ5Di5EUObifl8t4tuLuUBBZEpoLYOmfvIWrsp9fCl0HoPRVTdA==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.9.0"
+      }
+    },
+    "node_modules/@esbuild/aix-ppc64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/aix-ppc64/-/aix-ppc64-0.27.3.tgz",
+      "integrity": "sha512-9fJMTNFTWZMh5qwrBItuziu834eOCUcEqymSH7pY+zoMVEZg3gcPuBNxH1EvfVYe9h0x/Ptw8KBzv7qxb7l8dg==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "aix"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-arm": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm/-/android-arm-0.27.3.tgz",
+      "integrity": "sha512-i5D1hPY7GIQmXlXhs2w8AWHhenb00+GxjxRncS2ZM7YNVGNfaMxgzSGuO8o8SJzRc/oZwU2bcScvVERk03QhzA==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-arm64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-arm64/-/android-arm64-0.27.3.tgz",
+      "integrity": "sha512-YdghPYUmj/FX2SYKJ0OZxf+iaKgMsKHVPF1MAq/P8WirnSpCStzKJFjOjzsW0QQ7oIAiccHdcqjbHmJxRb/dmg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/android-x64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/android-x64/-/android-x64-0.27.3.tgz",
+      "integrity": "sha512-IN/0BNTkHtk8lkOM8JWAYFg4ORxBkZQf9zXiEOfERX/CzxW3Vg1ewAhU7QSWQpVIzTW+b8Xy+lGzdYXV6UZObQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "android"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/darwin-arm64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-arm64/-/darwin-arm64-0.27.3.tgz",
+      "integrity": "sha512-Re491k7ByTVRy0t3EKWajdLIr0gz2kKKfzafkth4Q8A5n1xTHrkqZgLLjFEHVD+AXdUGgQMq+Godfq45mGpCKg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/darwin-x64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/darwin-x64/-/darwin-x64-0.27.3.tgz",
+      "integrity": "sha512-vHk/hA7/1AckjGzRqi6wbo+jaShzRowYip6rt6q7VYEDX4LEy1pZfDpdxCBnGtl+A5zq8iXDcyuxwtv3hNtHFg==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/freebsd-arm64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-arm64/-/freebsd-arm64-0.27.3.tgz",
+      "integrity": "sha512-ipTYM2fjt3kQAYOvo6vcxJx3nBYAzPjgTCk7QEgZG8AUO3ydUhvelmhrbOheMnGOlaSFUoHXB6un+A7q4ygY9w==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/freebsd-x64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/freebsd-x64/-/freebsd-x64-0.27.3.tgz",
+      "integrity": "sha512-dDk0X87T7mI6U3K9VjWtHOXqwAMJBNN2r7bejDsc+j03SEjtD9HrOl8gVFByeM0aJksoUuUVU9TBaZa2rgj0oA==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "freebsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-arm": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm/-/linux-arm-0.27.3.tgz",
+      "integrity": "sha512-s6nPv2QkSupJwLYyfS+gwdirm0ukyTFNl3KTgZEAiJDd+iHZcbTPPcWCcRYH+WlNbwChgH2QkE9NSlNrMT8Gfw==",
+      "cpu": [
+        "arm"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-arm64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-arm64/-/linux-arm64-0.27.3.tgz",
+      "integrity": "sha512-sZOuFz/xWnZ4KH3YfFrKCf1WyPZHakVzTiqji3WDc0BCl2kBwiJLCXpzLzUBLgmp4veFZdvN5ChW4Eq/8Fc2Fg==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-ia32": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ia32/-/linux-ia32-0.27.3.tgz",
+      "integrity": "sha512-yGlQYjdxtLdh0a3jHjuwOrxQjOZYD/C9PfdbgJJF3TIZWnm/tMd/RcNiLngiu4iwcBAOezdnSLAwQDPqTmtTYg==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-loong64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-loong64/-/linux-loong64-0.27.3.tgz",
+      "integrity": "sha512-WO60Sn8ly3gtzhyjATDgieJNet/KqsDlX5nRC5Y3oTFcS1l0KWba+SEa9Ja1GfDqSF1z6hif/SkpQJbL63cgOA==",
+      "cpu": [
+        "loong64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-mips64el": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-mips64el/-/linux-mips64el-0.27.3.tgz",
+      "integrity": "sha512-APsymYA6sGcZ4pD6k+UxbDjOFSvPWyZhjaiPyl/f79xKxwTnrn5QUnXR5prvetuaSMsb4jgeHewIDCIWljrSxw==",
+      "cpu": [
+        "mips64el"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-ppc64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-ppc64/-/linux-ppc64-0.27.3.tgz",
+      "integrity": "sha512-eizBnTeBefojtDb9nSh4vvVQ3V9Qf9Df01PfawPcRzJH4gFSgrObw+LveUyDoKU3kxi5+9RJTCWlj4FjYXVPEA==",
+      "cpu": [
+        "ppc64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-riscv64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-riscv64/-/linux-riscv64-0.27.3.tgz",
+      "integrity": "sha512-3Emwh0r5wmfm3ssTWRQSyVhbOHvqegUDRd0WhmXKX2mkHJe1SFCMJhagUleMq+Uci34wLSipf8Lagt4LlpRFWQ==",
+      "cpu": [
+        "riscv64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-s390x": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-s390x/-/linux-s390x-0.27.3.tgz",
+      "integrity": "sha512-pBHUx9LzXWBc7MFIEEL0yD/ZVtNgLytvx60gES28GcWMqil8ElCYR4kvbV2BDqsHOvVDRrOxGySBM9Fcv744hw==",
+      "cpu": [
+        "s390x"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/linux-x64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/linux-x64/-/linux-x64-0.27.3.tgz",
+      "integrity": "sha512-Czi8yzXUWIQYAtL/2y6vogER8pvcsOsk5cpwL4Gk5nJqH5UZiVByIY8Eorm5R13gq+DQKYg0+JyQoytLQas4dA==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/netbsd-arm64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-arm64/-/netbsd-arm64-0.27.3.tgz",
+      "integrity": "sha512-sDpk0RgmTCR/5HguIZa9n9u+HVKf40fbEUt+iTzSnCaGvY9kFP0YKBWZtJaraonFnqef5SlJ8/TiPAxzyS+UoA==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "netbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/netbsd-x64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/netbsd-x64/-/netbsd-x64-0.27.3.tgz",
+      "integrity": "sha512-P14lFKJl/DdaE00LItAukUdZO5iqNH7+PjoBm+fLQjtxfcfFE20Xf5CrLsmZdq5LFFZzb5JMZ9grUwvtVYzjiA==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "netbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openbsd-arm64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-arm64/-/openbsd-arm64-0.27.3.tgz",
+      "integrity": "sha512-AIcMP77AvirGbRl/UZFTq5hjXK+2wC7qFRGoHSDrZ5v5b8DK/GYpXW3CPRL53NkvDqb9D+alBiC/dV0Fb7eJcw==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openbsd-x64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/openbsd-x64/-/openbsd-x64-0.27.3.tgz",
+      "integrity": "sha512-DnW2sRrBzA+YnE70LKqnM3P+z8vehfJWHXECbwBmH/CU51z6FiqTQTHFenPlHmo3a8UgpLyH3PT+87OViOh1AQ==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openbsd"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/openharmony-arm64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/openharmony-arm64/-/openharmony-arm64-0.27.3.tgz",
+      "integrity": "sha512-NinAEgr/etERPTsZJ7aEZQvvg/A6IsZG/LgZy+81wON2huV7SrK3e63dU0XhyZP4RKGyTm7aOgmQk0bGp0fy2g==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "openharmony"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/sunos-x64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/sunos-x64/-/sunos-x64-0.27.3.tgz",
+      "integrity": "sha512-PanZ+nEz+eWoBJ8/f8HKxTTD172SKwdXebZ0ndd953gt1HRBbhMsaNqjTyYLGLPdoWHy4zLU7bDVJztF5f3BHA==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "sunos"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-arm64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-arm64/-/win32-arm64-0.27.3.tgz",
+      "integrity": "sha512-B2t59lWWYrbRDw/tjiWOuzSsFh1Y/E95ofKz7rIVYSQkUYBjfSgf6oeYPNWHToFRr2zx52JKApIcAS/D5TUBnA==",
+      "cpu": [
+        "arm64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-ia32": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-ia32/-/win32-ia32-0.27.3.tgz",
+      "integrity": "sha512-QLKSFeXNS8+tHW7tZpMtjlNb7HKau0QDpwm49u0vUp9y1WOF+PEzkU84y9GqYaAVW8aH8f3GcBck26jh54cX4Q==",
+      "cpu": [
+        "ia32"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@esbuild/win32-x64": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/@esbuild/win32-x64/-/win32-x64-0.27.3.tgz",
+      "integrity": "sha512-4uJGhsxuptu3OcpVAzli+/gWusVGwZZHTlS63hh++ehExkVT8SgiEf7/uC/PclrPPkLhZqGgCTjd0VWLo6xMqA==",
+      "cpu": [
+        "x64"
+      ],
+      "dev": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/@jridgewell/gen-mapping": {
+      "version": "0.3.13",
+      "resolved": "https://registry.npmjs.org/@jridgewell/gen-mapping/-/gen-mapping-0.3.13.tgz",
+      "integrity": "sha512-2kkt/7niJ6MgEPxF0bYdQ6etZaA+fQvDcLKckhy1yIQOzaoKjBBjSj63/aLVjYE3qhRt5dvM+uUyfCg6UKCBbA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/sourcemap-codec": "^1.5.0",
+        "@jridgewell/trace-mapping": "^0.3.24"
+      }
+    },
+    "node_modules/@jridgewell/resolve-uri": {
+      "version": "3.1.2",
+      "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz",
+      "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/@jridgewell/sourcemap-codec": {
+      "version": "1.5.5",
+      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",
+      "integrity": "sha512-cYQ9310grqxueWbl+WuIUIaiUaDcj7WOq5fVhEljNVgRfOUhY9fy2zTvfoqWsnebh8Sl70VScFbICvJnLKB0Og==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@jridgewell/trace-mapping": {
+      "version": "0.3.31",
+      "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.31.tgz",
+      "integrity": "sha512-zzNR+SdQSDJzc8joaeP8QQoCQr8NuYx2dIIytl1QeBEZHJ9uW6hebsrYgbz8hJwUQao3TWCMtmfV8Nu1twOLAw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/resolve-uri": "^3.1.0",
+        "@jridgewell/sourcemap-codec": "^1.4.14"
+      }
+    },
+    "node_modules/@next/env": {
+      "version": "14.2.35",
+      "resolved": "https://registry.npmjs.org/@next/env/-/env-14.2.35.tgz",
+      "integrity": "sha512-DuhvCtj4t9Gwrx80dmz2F4t/zKQ4ktN8WrMwOuVzkJfBilwAwGr6v16M5eI8yCuZ63H9TTuEU09Iu2HqkzFPVQ==",
+      "license": "MIT"
+    },
+    "node_modules/@next/swc-darwin-arm64": {
+      "version": "14.2.33",
+      "resolved": "https://registry.npmjs.org/@next/swc-darwin-arm64/-/swc-darwin-arm64-14.2.33.tgz",
+      "integrity": "sha512-HqYnb6pxlsshoSTubdXKu15g3iivcbsMXg4bYpjL2iS/V6aQot+iyF4BUc2qA/J/n55YtvE4PHMKWBKGCF/+wA==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@next/swc-darwin-x64": {
+      "version": "14.2.33",
+      "resolved": "https://registry.npmjs.org/@next/swc-darwin-x64/-/swc-darwin-x64-14.2.33.tgz",
+      "integrity": "sha512-8HGBeAE5rX3jzKvF593XTTFg3gxeU4f+UWnswa6JPhzaR6+zblO5+fjltJWIZc4aUalqTclvN2QtTC37LxvZAA==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@next/swc-linux-arm64-gnu": {
+      "version": "14.2.33",
+      "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-gnu/-/swc-linux-arm64-gnu-14.2.33.tgz",
+      "integrity": "sha512-JXMBka6lNNmqbkvcTtaX8Gu5by9547bukHQvPoLe9VRBx1gHwzf5tdt4AaezW85HAB3pikcvyqBToRTDA4DeLw==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@next/swc-linux-arm64-musl": {
+      "version": "14.2.33",
+      "resolved": "https://registry.npmjs.org/@next/swc-linux-arm64-musl/-/swc-linux-arm64-musl-14.2.33.tgz",
+      "integrity": "sha512-Bm+QulsAItD/x6Ih8wGIMfRJy4G73tu1HJsrccPW6AfqdZd0Sfm5Imhgkgq2+kly065rYMnCOxTBvmvFY1BKfg==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@next/swc-linux-x64-gnu": {
+      "version": "14.2.33",
+      "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-gnu/-/swc-linux-x64-gnu-14.2.33.tgz",
+      "integrity": "sha512-FnFn+ZBgsVMbGDsTqo8zsnRzydvsGV8vfiWwUo1LD8FTmPTdV+otGSWKc4LJec0oSexFnCYVO4hX8P8qQKaSlg==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@next/swc-linux-x64-musl": {
+      "version": "14.2.33",
+      "resolved": "https://registry.npmjs.org/@next/swc-linux-x64-musl/-/swc-linux-x64-musl-14.2.33.tgz",
+      "integrity": "sha512-345tsIWMzoXaQndUTDv1qypDRiebFxGYx9pYkhwY4hBRaOLt8UGfiWKr9FSSHs25dFIf8ZqIFaPdy5MljdoawA==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "linux"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@next/swc-win32-arm64-msvc": {
+      "version": "14.2.33",
+      "resolved": "https://registry.npmjs.org/@next/swc-win32-arm64-msvc/-/swc-win32-arm64-msvc-14.2.33.tgz",
+      "integrity": "sha512-nscpt0G6UCTkrT2ppnJnFsYbPDQwmum4GNXYTeoTIdsmMydSKFz9Iny2jpaRupTb+Wl298+Rh82WKzt9LCcqSQ==",
+      "cpu": [
+        "arm64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@next/swc-win32-ia32-msvc": {
+      "version": "14.2.33",
+      "resolved": "https://registry.npmjs.org/@next/swc-win32-ia32-msvc/-/swc-win32-ia32-msvc-14.2.33.tgz",
+      "integrity": "sha512-pc9LpGNKhJ0dXQhZ5QMmYxtARwwmWLpeocFmVG5Z0DzWq5Uf0izcI8tLc+qOpqxO1PWqZ5A7J1blrUIKrIFc7Q==",
+      "cpu": [
+        "ia32"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@next/swc-win32-x64-msvc": {
+      "version": "14.2.33",
+      "resolved": "https://registry.npmjs.org/@next/swc-win32-x64-msvc/-/swc-win32-x64-msvc-14.2.33.tgz",
+      "integrity": "sha512-nOjfZMy8B94MdisuzZo9/57xuFVLHJaDj5e/xrduJp9CV2/HrfxTRH2fbyLe+K9QT41WBLUd4iXX3R7jBp0EUg==",
+      "cpu": [
+        "x64"
+      ],
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "win32"
+      ],
+      "engines": {
+        "node": ">= 10"
+      }
+    },
+    "node_modules/@nodelib/fs.scandir": {
+      "version": "2.1.5",
+      "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz",
+      "integrity": "sha512-vq24Bq3ym5HEQm2NKCr3yXDwjc7vTsEThRDnkp2DK9p1uqLR+DHurm/NOTo0KG7HYHU7eppKZj3MyqYuMBf62g==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@nodelib/fs.stat": "2.0.5",
+        "run-parallel": "^1.1.9"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/@nodelib/fs.stat": {
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/@nodelib/fs.stat/-/fs.stat-2.0.5.tgz",
+      "integrity": "sha512-RkhPPp2zrqDAQA/2jNhnztcPAlv64XdhIp7a7454A5ovI7Bukxgt7MX7udwAu3zg1DcpPU0rz3VV1SeaqvY4+A==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/@nodelib/fs.walk": {
+      "version": "1.2.8",
+      "resolved": "https://registry.npmjs.org/@nodelib/fs.walk/-/fs.walk-1.2.8.tgz",
+      "integrity": "sha512-oGB+UxlgWcgQkgwo8GcEGwemoTFt3FIO9ababBmaGwXIoBKZ+GTy0pP185beGg7Llih/NSHSV2XAs1lnznocSg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@nodelib/fs.scandir": "2.1.5",
+        "fastq": "^1.6.0"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/@panva/hkdf": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/@panva/hkdf/-/hkdf-1.2.1.tgz",
+      "integrity": "sha512-6oclG6Y3PiDFcoyk8srjLfVKyMfVCKJ27JwNPViuXziFpmdz+MZnZN/aKY0JGXgYuO/VghU0jcOAZgWXZ1Dmrw==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
+    "node_modules/@prisma/client": {
+      "version": "6.19.2",
+      "resolved": "https://registry.npmjs.org/@prisma/client/-/client-6.19.2.tgz",
+      "integrity": "sha512-gR2EMvfK/aTxsuooaDA32D8v+us/8AAet+C3J1cc04SW35FPdZYgLF+iN4NDLUgAaUGTKdAB0CYenu1TAgGdMg==",
+      "hasInstallScript": true,
+      "license": "Apache-2.0",
+      "engines": {
+        "node": ">=18.18"
+      },
+      "peerDependencies": {
+        "prisma": "*",
+        "typescript": ">=5.1.0"
+      },
+      "peerDependenciesMeta": {
+        "prisma": {
+          "optional": true
+        },
+        "typescript": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/@prisma/config": {
+      "version": "6.19.2",
+      "resolved": "https://registry.npmjs.org/@prisma/config/-/config-6.19.2.tgz",
+      "integrity": "sha512-kadBGDl+aUswv/zZMk9Mx0C8UZs1kjao8H9/JpI4Wh4SHZaM7zkTwiKn/iFLfRg+XtOAo/Z/c6pAYhijKl0nzQ==",
+      "devOptional": true,
+      "license": "Apache-2.0",
+      "dependencies": {
+        "c12": "3.1.0",
+        "deepmerge-ts": "7.1.5",
+        "effect": "3.18.4",
+        "empathic": "2.0.0"
+      }
+    },
+    "node_modules/@prisma/debug": {
+      "version": "6.19.2",
+      "resolved": "https://registry.npmjs.org/@prisma/debug/-/debug-6.19.2.tgz",
+      "integrity": "sha512-lFnEZsLdFLmEVCVNdskLDCL8Uup41GDfU0LUfquw+ercJC8ODTuL0WNKgOKmYxCJVvFwf0OuZBzW99DuWmoH2A==",
+      "devOptional": true,
+      "license": "Apache-2.0"
+    },
+    "node_modules/@prisma/engines": {
+      "version": "6.19.2",
+      "resolved": "https://registry.npmjs.org/@prisma/engines/-/engines-6.19.2.tgz",
+      "integrity": "sha512-TTkJ8r+uk/uqczX40wb+ODG0E0icVsMgwCTyTHXehaEfb0uo80M9g1aW1tEJrxmFHeOZFXdI2sTA1j1AgcHi4A==",
+      "devOptional": true,
+      "hasInstallScript": true,
+      "license": "Apache-2.0",
+      "dependencies": {
+        "@prisma/debug": "6.19.2",
+        "@prisma/engines-version": "7.1.1-3.c2990dca591cba766e3b7ef5d9e8a84796e47ab7",
+        "@prisma/fetch-engine": "6.19.2",
+        "@prisma/get-platform": "6.19.2"
+      }
+    },
+    "node_modules/@prisma/engines-version": {
+      "version": "7.1.1-3.c2990dca591cba766e3b7ef5d9e8a84796e47ab7",
+      "resolved": "https://registry.npmjs.org/@prisma/engines-version/-/engines-version-7.1.1-3.c2990dca591cba766e3b7ef5d9e8a84796e47ab7.tgz",
+      "integrity": "sha512-03bgb1VD5gvuumNf+7fVGBzfpJPjmqV423l/WxsWk2cNQ42JD0/SsFBPhN6z8iAvdHs07/7ei77SKu7aZfq8bA==",
+      "devOptional": true,
+      "license": "Apache-2.0"
+    },
+    "node_modules/@prisma/fetch-engine": {
+      "version": "6.19.2",
+      "resolved": "https://registry.npmjs.org/@prisma/fetch-engine/-/fetch-engine-6.19.2.tgz",
+      "integrity": "sha512-h4Ff4Pho+SR1S8XerMCC12X//oY2bG3Iug/fUnudfcXEUnIeRiBdXHFdGlGOgQ3HqKgosTEhkZMvGM9tWtYC+Q==",
+      "devOptional": true,
+      "license": "Apache-2.0",
+      "dependencies": {
+        "@prisma/debug": "6.19.2",
+        "@prisma/engines-version": "7.1.1-3.c2990dca591cba766e3b7ef5d9e8a84796e47ab7",
+        "@prisma/get-platform": "6.19.2"
+      }
+    },
+    "node_modules/@prisma/get-platform": {
+      "version": "6.19.2",
+      "resolved": "https://registry.npmjs.org/@prisma/get-platform/-/get-platform-6.19.2.tgz",
+      "integrity": "sha512-PGLr06JUSTqIvztJtAzIxOwtWKtJm5WwOG6xpsgD37Rc84FpfUBGLKz65YpJBGtkRQGXTYEFie7pYALocC3MtA==",
+      "devOptional": true,
+      "license": "Apache-2.0",
+      "dependencies": {
+        "@prisma/debug": "6.19.2"
+      }
+    },
+    "node_modules/@standard-schema/spec": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/@standard-schema/spec/-/spec-1.1.0.tgz",
+      "integrity": "sha512-l2aFy5jALhniG5HgqrD6jXLi/rUWrKvqN/qJx6yoJsgKhblVd+iqqU4RCXavm/jPityDo5TCvKMnpjKnOriy0w==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/@swc/counter": {
+      "version": "0.1.3",
+      "resolved": "https://registry.npmjs.org/@swc/counter/-/counter-0.1.3.tgz",
+      "integrity": "sha512-e2BR4lsJkkRlKZ/qCHPw9ZaSxc0MVUd7gtbtaB7aMvHeJVYe8sOB8DBZkP2DtISHGSku9sCK6T6cnY0CtXrOCQ==",
+      "license": "Apache-2.0"
+    },
+    "node_modules/@swc/helpers": {
+      "version": "0.5.5",
+      "resolved": "https://registry.npmjs.org/@swc/helpers/-/helpers-0.5.5.tgz",
+      "integrity": "sha512-KGYxvIOXcceOAbEk4bi/dVLEK9z8sZ0uBB3Il5b1rhfClSpcX0yfRO0KmTkqR2cnQDymwLB+25ZyMzICg/cm/A==",
+      "license": "Apache-2.0",
+      "dependencies": {
+        "@swc/counter": "^0.1.3",
+        "tslib": "^2.4.0"
+      }
+    },
+    "node_modules/@types/bcryptjs": {
+      "version": "2.4.6",
+      "resolved": "https://registry.npmjs.org/@types/bcryptjs/-/bcryptjs-2.4.6.tgz",
+      "integrity": "sha512-9xlo6R2qDs5uixm0bcIqCeMCE6HiQsIyel9KQySStiyqNl2tnj2mP3DX1Nf56MD6KMenNNlBBsy3LJ7gUEQPXQ==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@types/node": {
+      "version": "22.19.11",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-22.19.11.tgz",
+      "integrity": "sha512-BH7YwL6rA93ReqeQS1c4bsPpcfOmJasG+Fkr6Y59q83f9M1WcBRHR2vM+P9eOisYRcN3ujQoiZY8uk5W+1WL8w==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "undici-types": "~6.21.0"
+      }
+    },
+    "node_modules/@types/nodemailer": {
+      "version": "6.4.22",
+      "resolved": "https://registry.npmjs.org/@types/nodemailer/-/nodemailer-6.4.22.tgz",
+      "integrity": "sha512-HV16KRsW7UyZBITE07B62k8PRAKFqRSFXn1T7vslurVjN761tMDBhk5Lbt17ehyTzK6XcyJnAgUpevrvkcVOzw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@types/node": "*"
+      }
+    },
+    "node_modules/@types/prop-types": {
+      "version": "15.7.15",
+      "resolved": "https://registry.npmjs.org/@types/prop-types/-/prop-types-15.7.15.tgz",
+      "integrity": "sha512-F6bEyamV9jKGAFBEmlQnesRPGOQqS2+Uwi0Em15xenOxHaf2hv6L8YCVn3rPdPJOiJfPiCnLIRyvwVaqMY3MIw==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/@types/react": {
+      "version": "18.3.28",
+      "resolved": "https://registry.npmjs.org/@types/react/-/react-18.3.28.tgz",
+      "integrity": "sha512-z9VXpC7MWrhfWipitjNdgCauoMLRdIILQsAEV+ZesIzBq/oUlxk0m3ApZuMFCXdnS4U7KrI+l3WRUEGQ8K1QKw==",
+      "dev": true,
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "@types/prop-types": "*",
+        "csstype": "^3.2.2"
+      }
+    },
+    "node_modules/@types/react-dom": {
+      "version": "18.3.7",
+      "resolved": "https://registry.npmjs.org/@types/react-dom/-/react-dom-18.3.7.tgz",
+      "integrity": "sha512-MEe3UeoENYVFXzoXEWsvcpg6ZvlrFNlOQ7EOsvhI3CfAXwzPfO8Qwuxd40nepsYKqyyVQnTdEfv68q91yLcKrQ==",
+      "dev": true,
+      "license": "MIT",
+      "peerDependencies": {
+        "@types/react": "^18.0.0"
+      }
+    },
+    "node_modules/@types/ws": {
+      "version": "8.18.1",
+      "resolved": "https://registry.npmjs.org/@types/ws/-/ws-8.18.1.tgz",
+      "integrity": "sha512-ThVF6DCVhA8kUGy+aazFQ4kXQ7E1Ty7A3ypFOe0IcJV8O/M511G99AW24irKrW56Wt44yG9+ij8FaqoBGkuBXg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@types/node": "*"
+      }
+    },
+    "node_modules/any-promise": {
+      "version": "1.3.0",
+      "resolved": "https://registry.npmjs.org/any-promise/-/any-promise-1.3.0.tgz",
+      "integrity": "sha512-7UvmKalWRt1wgjL1RrGxoSJW/0QZFIegpeGvZG9kjp8vrRu55XTHbwnqq2GpXm9uLbcuhxm3IqX9OB4MZR1b2A==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/anymatch": {
+      "version": "3.1.3",
+      "resolved": "https://registry.npmjs.org/anymatch/-/anymatch-3.1.3.tgz",
+      "integrity": "sha512-KMReFUr0B4t+D+OBkjR3KYqvocp2XaSzO55UcB6mgQMd3KbcE+mWTyvVV7D/zsdEbNnV6acZUutkiHQXvTr1Rw==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "normalize-path": "^3.0.0",
+        "picomatch": "^2.0.4"
+      },
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/anymatch/node_modules/picomatch": {
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
+      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=8.6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/arg": {
+      "version": "5.0.2",
+      "resolved": "https://registry.npmjs.org/arg/-/arg-5.0.2.tgz",
+      "integrity": "sha512-PYjyFOLKQ9y57JvQ6QLo8dAgNqswh8M1RMJYdQduT6xbWSgK36P/Z/v+p888pM69jMMfS8Xd8F6I1kQ/I9HUGg==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/autoprefixer": {
+      "version": "10.4.24",
+      "resolved": "https://registry.npmjs.org/autoprefixer/-/autoprefixer-10.4.24.tgz",
+      "integrity": "sha512-uHZg7N9ULTVbutaIsDRoUkoS8/h3bdsmVJYZ5l3wv8Cp/6UIIoRDm90hZ+BwxUj/hGBEzLxdHNSKuFpn8WOyZw==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/autoprefixer"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "browserslist": "^4.28.1",
+        "caniuse-lite": "^1.0.30001766",
+        "fraction.js": "^5.3.4",
+        "picocolors": "^1.1.1",
+        "postcss-value-parser": "^4.2.0"
+      },
+      "bin": {
+        "autoprefixer": "bin/autoprefixer"
+      },
+      "engines": {
+        "node": "^10 || ^12 || >=14"
+      },
+      "peerDependencies": {
+        "postcss": "^8.1.0"
+      }
+    },
+    "node_modules/baseline-browser-mapping": {
+      "version": "2.9.19",
+      "resolved": "https://registry.npmjs.org/baseline-browser-mapping/-/baseline-browser-mapping-2.9.19.tgz",
+      "integrity": "sha512-ipDqC8FrAl/76p2SSWKSI+H9tFwm7vYqXQrItCuiVPt26Km0jS+NzSsBWAaBusvSbQcfJG+JitdMm+wZAgTYqg==",
+      "dev": true,
+      "license": "Apache-2.0",
+      "bin": {
+        "baseline-browser-mapping": "dist/cli.js"
+      }
+    },
+    "node_modules/bcryptjs": {
+      "version": "2.4.3",
+      "resolved": "https://registry.npmjs.org/bcryptjs/-/bcryptjs-2.4.3.tgz",
+      "integrity": "sha512-V/Hy/X9Vt7f3BbPJEi8BdVFMByHi+jNXrYkW3huaybV/kQ0KJg0Y6PkEMbn+zeT+i+SiKZ/HMqJGIIt4LZDqNQ==",
+      "license": "MIT"
+    },
+    "node_modules/binary-extensions": {
+      "version": "2.3.0",
+      "resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-2.3.0.tgz",
+      "integrity": "sha512-Ceh+7ox5qe7LJuLHoY0feh3pHuUDHAcRUeyL2VYghZwfpkNIy/+8Ocg0a3UuSoYzavmylwuLWQOf3hl0jjMMIw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=8"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/sindresorhus"
+      }
+    },
+    "node_modules/braces": {
+      "version": "3.0.3",
+      "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz",
+      "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "fill-range": "^7.1.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/browserslist": {
+      "version": "4.28.1",
+      "resolved": "https://registry.npmjs.org/browserslist/-/browserslist-4.28.1.tgz",
+      "integrity": "sha512-ZC5Bd0LgJXgwGqUknZY/vkUQ04r8NXnJZ3yYi4vDmSiZmC/pdSN0NbNRPxZpbtO4uAfDUAFffO8IZoM3Gj8IkA==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/browserslist"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "baseline-browser-mapping": "^2.9.0",
+        "caniuse-lite": "^1.0.30001759",
+        "electron-to-chromium": "^1.5.263",
+        "node-releases": "^2.0.27",
+        "update-browserslist-db": "^1.2.0"
+      },
+      "bin": {
+        "browserslist": "cli.js"
+      },
+      "engines": {
+        "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7"
+      }
+    },
+    "node_modules/busboy": {
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/busboy/-/busboy-1.6.0.tgz",
+      "integrity": "sha512-8SFQbg/0hQ9xy3UNTB0YEnsNBbWfhf7RtnzpL7TkBiTBRfrQ9Fxcnz7VJsleJpyp6rVLvXiuORqjlHi5q+PYuA==",
+      "dependencies": {
+        "streamsearch": "^1.1.0"
+      },
+      "engines": {
+        "node": ">=10.16.0"
+      }
+    },
+    "node_modules/c12": {
+      "version": "3.1.0",
+      "resolved": "https://registry.npmjs.org/c12/-/c12-3.1.0.tgz",
+      "integrity": "sha512-uWoS8OU1MEIsOv8p/5a82c3H31LsWVR5qiyXVfBNOzfffjUWtPnhAb4BYI2uG2HfGmZmFjCtui5XNWaps+iFuw==",
+      "devOptional": true,
+      "license": "MIT",
+      "dependencies": {
+        "chokidar": "^4.0.3",
+        "confbox": "^0.2.2",
+        "defu": "^6.1.4",
+        "dotenv": "^16.6.1",
+        "exsolve": "^1.0.7",
+        "giget": "^2.0.0",
+        "jiti": "^2.4.2",
+        "ohash": "^2.0.11",
+        "pathe": "^2.0.3",
+        "perfect-debounce": "^1.0.0",
+        "pkg-types": "^2.2.0",
+        "rc9": "^2.1.2"
+      },
+      "peerDependencies": {
+        "magicast": "^0.3.5"
+      },
+      "peerDependenciesMeta": {
+        "magicast": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/camelcase-css": {
+      "version": "2.0.1",
+      "resolved": "https://registry.npmjs.org/camelcase-css/-/camelcase-css-2.0.1.tgz",
+      "integrity": "sha512-QOSvevhslijgYwRx6Rv7zKdMF8lbRmx+uQGx2+vDc+KI/eBnsy9kit5aj23AgGu3pa4t9AgwbnXWqS+iOY+2aA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/caniuse-lite": {
+      "version": "1.0.30001769",
+      "resolved": "https://registry.npmjs.org/caniuse-lite/-/caniuse-lite-1.0.30001769.tgz",
+      "integrity": "sha512-BCfFL1sHijQlBGWBMuJyhZUhzo7wer5sVj9hqekB/7xn0Ypy+pER/edCYQm4exbXj4WiySGp40P8UuTh6w1srg==",
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/caniuse-lite"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "CC-BY-4.0"
+    },
+    "node_modules/chokidar": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-4.0.3.tgz",
+      "integrity": "sha512-Qgzu8kfBvo+cA4962jnP1KkS6Dop5NS6g7R5LFYJr4b8Ub94PPQXUksCw9PvXoeXPRRddRNC5C1JQUR2SMGtnA==",
+      "devOptional": true,
+      "license": "MIT",
+      "dependencies": {
+        "readdirp": "^4.0.1"
+      },
+      "engines": {
+        "node": ">= 14.16.0"
+      },
+      "funding": {
+        "url": "https://paulmillr.com/funding/"
+      }
+    },
+    "node_modules/citty": {
+      "version": "0.1.6",
+      "resolved": "https://registry.npmjs.org/citty/-/citty-0.1.6.tgz",
+      "integrity": "sha512-tskPPKEs8D2KPafUypv2gxwJP8h/OaJmC82QQGGDQcHvXX43xF2VDACcJVmZ0EuSxkpO9Kc4MlrA3q0+FG58AQ==",
+      "devOptional": true,
+      "license": "MIT",
+      "dependencies": {
+        "consola": "^3.2.3"
+      }
+    },
+    "node_modules/client-only": {
+      "version": "0.0.1",
+      "resolved": "https://registry.npmjs.org/client-only/-/client-only-0.0.1.tgz",
+      "integrity": "sha512-IV3Ou0jSMzZrd3pZ48nLkT9DA7Ag1pnPzaiQhpW7c3RbcqqzvzzVu+L8gfqMp/8IM2MQtSiqaCxrrcfu8I8rMA==",
+      "license": "MIT"
+    },
+    "node_modules/commander": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/commander/-/commander-4.1.1.tgz",
+      "integrity": "sha512-NOKm8xhkzAjzFx8B2v5OAHT+u5pRQc2UCa2Vq9jYL/31o2wi9mxBA7LIFs3sV5VSC49z6pEhfbMULvShKj26WA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/confbox": {
+      "version": "0.2.4",
+      "resolved": "https://registry.npmjs.org/confbox/-/confbox-0.2.4.tgz",
+      "integrity": "sha512-ysOGlgTFbN2/Y6Cg3Iye8YKulHw+R2fNXHrgSmXISQdMnomY6eNDprVdW9R5xBguEqI954+S6709UyiO7B+6OQ==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/consola": {
+      "version": "3.4.2",
+      "resolved": "https://registry.npmjs.org/consola/-/consola-3.4.2.tgz",
+      "integrity": "sha512-5IKcdX0nnYavi6G7TtOhwkYzyjfJlatbjMjuLSfE2kYT5pMDOilZ4OvMhi637CcDICTmz3wARPoyhqyX1Y+XvA==",
+      "devOptional": true,
+      "license": "MIT",
+      "engines": {
+        "node": "^14.18.0 || >=16.10.0"
+      }
+    },
+    "node_modules/cookie": {
+      "version": "0.7.2",
+      "resolved": "https://registry.npmjs.org/cookie/-/cookie-0.7.2.tgz",
+      "integrity": "sha512-yki5XnKuf750l50uGTllt6kKILY4nQ1eNIQatoXEByZ5dWgnKqbnqmTrBE5B4N7lrMJKQ2ytWMiTO2o0v6Ew/w==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.6"
+      }
+    },
+    "node_modules/cssesc": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/cssesc/-/cssesc-3.0.0.tgz",
+      "integrity": "sha512-/Tb/JcjK111nNScGob5MNtsntNM1aCNUDipB/TkwZFhyDrrE47SOx/18wF2bbjgc3ZzCSKW1T5nt5EbFoAz/Vg==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "cssesc": "bin/cssesc"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/csstype": {
+      "version": "3.2.3",
+      "resolved": "https://registry.npmjs.org/csstype/-/csstype-3.2.3.tgz",
+      "integrity": "sha512-z1HGKcYy2xA8AGQfwrn0PAy+PB7X/GSj3UVJW9qKyn43xWa+gl5nXmU4qqLMRzWVLFC8KusUX8T/0kCiOYpAIQ==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/deepmerge-ts": {
+      "version": "7.1.5",
+      "resolved": "https://registry.npmjs.org/deepmerge-ts/-/deepmerge-ts-7.1.5.tgz",
+      "integrity": "sha512-HOJkrhaYsweh+W+e74Yn7YStZOilkoPb6fycpwNLKzSPtruFs48nYis0zy5yJz1+ktUhHxoRDJ27RQAWLIJVJw==",
+      "devOptional": true,
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=16.0.0"
+      }
+    },
+    "node_modules/defu": {
+      "version": "6.1.4",
+      "resolved": "https://registry.npmjs.org/defu/-/defu-6.1.4.tgz",
+      "integrity": "sha512-mEQCMmwJu317oSz8CwdIOdwf3xMif1ttiM8LTufzc3g6kR+9Pe236twL8j3IYT1F7GfRgGcW6MWxzZjLIkuHIg==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/destr": {
+      "version": "2.0.5",
+      "resolved": "https://registry.npmjs.org/destr/-/destr-2.0.5.tgz",
+      "integrity": "sha512-ugFTXCtDZunbzasqBxrK93Ik/DRYsO6S/fedkWEMKqt04xZ4csmnmwGDBAb07QWNaGMAmnTIemsYZCksjATwsA==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/didyoumean": {
+      "version": "1.2.2",
+      "resolved": "https://registry.npmjs.org/didyoumean/-/didyoumean-1.2.2.tgz",
+      "integrity": "sha512-gxtyfqMg7GKyhQmb056K7M3xszy/myH8w+B4RT+QXBQsvAOdc3XymqDDPHx1BgPgsdAA5SIifona89YtRATDzw==",
+      "dev": true,
+      "license": "Apache-2.0"
+    },
+    "node_modules/dlv": {
+      "version": "1.1.3",
+      "resolved": "https://registry.npmjs.org/dlv/-/dlv-1.1.3.tgz",
+      "integrity": "sha512-+HlytyjlPKnIG8XuRG8WvmBP8xs8P71y+SKKS6ZXWoEgLuePxtDoUEiH7WkdePWrQ5JBpE6aoVqfZfJUQkjXwA==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/dotenv": {
+      "version": "16.6.1",
+      "resolved": "https://registry.npmjs.org/dotenv/-/dotenv-16.6.1.tgz",
+      "integrity": "sha512-uBq4egWHTcTt33a72vpSG0z3HnPuIl6NqYcTrKEg2azoEyl2hpW0zqlxysq2pK9HlDIHyHyakeYaYnSAwd8bow==",
+      "devOptional": true,
+      "license": "BSD-2-Clause",
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://dotenvx.com"
+      }
+    },
+    "node_modules/effect": {
+      "version": "3.18.4",
+      "resolved": "https://registry.npmjs.org/effect/-/effect-3.18.4.tgz",
+      "integrity": "sha512-b1LXQJLe9D11wfnOKAk3PKxuqYshQ0Heez+y5pnkd3jLj1yx9QhM72zZ9uUrOQyNvrs2GZZd/3maL0ZV18YuDA==",
+      "devOptional": true,
+      "license": "MIT",
+      "dependencies": {
+        "@standard-schema/spec": "^1.0.0",
+        "fast-check": "^3.23.1"
+      }
+    },
+    "node_modules/electron-to-chromium": {
+      "version": "1.5.286",
+      "resolved": "https://registry.npmjs.org/electron-to-chromium/-/electron-to-chromium-1.5.286.tgz",
+      "integrity": "sha512-9tfDXhJ4RKFNerfjdCcZfufu49vg620741MNs26a9+bhLThdB+plgMeou98CAaHu/WATj2iHOOHTp1hWtABj2A==",
+      "dev": true,
+      "license": "ISC"
+    },
+    "node_modules/emoji-mart": {
+      "version": "5.6.0",
+      "resolved": "https://registry.npmjs.org/emoji-mart/-/emoji-mart-5.6.0.tgz",
+      "integrity": "sha512-eJp3QRe79pjwa+duv+n7+5YsNhRcMl812EcFVwrnRvYKoNPoQb5qxU8DG6Bgwji0akHdp6D4Ln6tYLG58MFSow==",
+      "license": "MIT"
+    },
+    "node_modules/empathic": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/empathic/-/empathic-2.0.0.tgz",
+      "integrity": "sha512-i6UzDscO/XfAcNYD75CfICkmfLedpyPDdozrLMmQc5ORaQcdMoc21OnlEylMIqI7U8eniKrPMxxtj8k0vhmJhA==",
+      "devOptional": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=14"
+      }
+    },
+    "node_modules/esbuild": {
+      "version": "0.27.3",
+      "resolved": "https://registry.npmjs.org/esbuild/-/esbuild-0.27.3.tgz",
+      "integrity": "sha512-8VwMnyGCONIs6cWue2IdpHxHnAjzxnw2Zr7MkVxB2vjmQ2ivqGFb4LEG3SMnv0Gb2F/G/2yA8zUaiL1gywDCCg==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "bin": {
+        "esbuild": "bin/esbuild"
+      },
+      "engines": {
+        "node": ">=18"
+      },
+      "optionalDependencies": {
+        "@esbuild/aix-ppc64": "0.27.3",
+        "@esbuild/android-arm": "0.27.3",
+        "@esbuild/android-arm64": "0.27.3",
+        "@esbuild/android-x64": "0.27.3",
+        "@esbuild/darwin-arm64": "0.27.3",
+        "@esbuild/darwin-x64": "0.27.3",
+        "@esbuild/freebsd-arm64": "0.27.3",
+        "@esbuild/freebsd-x64": "0.27.3",
+        "@esbuild/linux-arm": "0.27.3",
+        "@esbuild/linux-arm64": "0.27.3",
+        "@esbuild/linux-ia32": "0.27.3",
+        "@esbuild/linux-loong64": "0.27.3",
+        "@esbuild/linux-mips64el": "0.27.3",
+        "@esbuild/linux-ppc64": "0.27.3",
+        "@esbuild/linux-riscv64": "0.27.3",
+        "@esbuild/linux-s390x": "0.27.3",
+        "@esbuild/linux-x64": "0.27.3",
+        "@esbuild/netbsd-arm64": "0.27.3",
+        "@esbuild/netbsd-x64": "0.27.3",
+        "@esbuild/openbsd-arm64": "0.27.3",
+        "@esbuild/openbsd-x64": "0.27.3",
+        "@esbuild/openharmony-arm64": "0.27.3",
+        "@esbuild/sunos-x64": "0.27.3",
+        "@esbuild/win32-arm64": "0.27.3",
+        "@esbuild/win32-ia32": "0.27.3",
+        "@esbuild/win32-x64": "0.27.3"
+      }
+    },
+    "node_modules/escalade": {
+      "version": "3.2.0",
+      "resolved": "https://registry.npmjs.org/escalade/-/escalade-3.2.0.tgz",
+      "integrity": "sha512-WUj2qlxaQtO4g6Pq5c29GTcWGDyd8itL8zTlipgECz3JesAiiOKotd8JU6otB3PACgG6xkJUyVhboMS+bje/jA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=6"
+      }
+    },
+    "node_modules/exsolve": {
+      "version": "1.0.8",
+      "resolved": "https://registry.npmjs.org/exsolve/-/exsolve-1.0.8.tgz",
+      "integrity": "sha512-LmDxfWXwcTArk8fUEnOfSZpHOJ6zOMUJKOtFLFqJLoKJetuQG874Uc7/Kki7zFLzYybmZhp1M7+98pfMqeX8yA==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/fast-check": {
+      "version": "3.23.2",
+      "resolved": "https://registry.npmjs.org/fast-check/-/fast-check-3.23.2.tgz",
+      "integrity": "sha512-h5+1OzzfCC3Ef7VbtKdcv7zsstUQwUDlYpUTvjeUsJAssPgLn7QzbboPtL5ro04Mq0rPOsMzl7q5hIbRs2wD1A==",
+      "devOptional": true,
+      "funding": [
+        {
+          "type": "individual",
+          "url": "https://github.com/sponsors/dubzzz"
+        },
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/fast-check"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "pure-rand": "^6.1.0"
+      },
+      "engines": {
+        "node": ">=8.0.0"
+      }
+    },
+    "node_modules/fast-glob": {
+      "version": "3.3.3",
+      "resolved": "https://registry.npmjs.org/fast-glob/-/fast-glob-3.3.3.tgz",
+      "integrity": "sha512-7MptL8U0cqcFdzIzwOTHoilX9x5BrNqye7Z/LuC7kCMRio1EMSyqRK3BEAUD7sXRq4iT4AzTVuZdhgQ2TCvYLg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@nodelib/fs.stat": "^2.0.2",
+        "@nodelib/fs.walk": "^1.2.3",
+        "glob-parent": "^5.1.2",
+        "merge2": "^1.3.0",
+        "micromatch": "^4.0.8"
+      },
+      "engines": {
+        "node": ">=8.6.0"
+      }
+    },
+    "node_modules/fast-glob/node_modules/glob-parent": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+      "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "is-glob": "^4.0.1"
+      },
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/fastq": {
+      "version": "1.20.1",
+      "resolved": "https://registry.npmjs.org/fastq/-/fastq-1.20.1.tgz",
+      "integrity": "sha512-GGToxJ/w1x32s/D2EKND7kTil4n8OVk/9mycTc4VDza13lOvpUZTGX3mFSCtV9ksdGBVzvsyAVLM6mHFThxXxw==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "reusify": "^1.0.4"
+      }
+    },
+    "node_modules/fdir": {
+      "version": "6.5.0",
+      "resolved": "https://registry.npmjs.org/fdir/-/fdir-6.5.0.tgz",
+      "integrity": "sha512-tIbYtZbucOs0BRGqPJkshJUYdL+SDH7dVM8gjy+ERp3WAUjLEFJE+02kanyHtwjWOnwrKYBiwAmM0p4kLJAnXg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=12.0.0"
+      },
+      "peerDependencies": {
+        "picomatch": "^3 || ^4"
+      },
+      "peerDependenciesMeta": {
+        "picomatch": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/fill-range": {
+      "version": "7.1.1",
+      "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz",
+      "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "to-regex-range": "^5.0.1"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/fraction.js": {
+      "version": "5.3.4",
+      "resolved": "https://registry.npmjs.org/fraction.js/-/fraction.js-5.3.4.tgz",
+      "integrity": "sha512-1X1NTtiJphryn/uLQz3whtY6jK3fTqoE3ohKs0tT+Ujr1W59oopxmoEh7Lu5p6vBaPbgoM0bzveAW4Qi5RyWDQ==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": "*"
+      },
+      "funding": {
+        "type": "github",
+        "url": "https://github.com/sponsors/rawify"
+      }
+    },
+    "node_modules/fsevents": {
+      "version": "2.3.3",
+      "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.3.tgz",
+      "integrity": "sha512-5xoDfX+fL7faATnagmWPpbFtwh/R77WmMMqqHGS65C3vvB0YHrgF+B1YmZ3441tMj5n63k0212XNoJwzlhffQw==",
+      "dev": true,
+      "hasInstallScript": true,
+      "license": "MIT",
+      "optional": true,
+      "os": [
+        "darwin"
+      ],
+      "engines": {
+        "node": "^8.16.0 || ^10.6.0 || >=11.0.0"
+      }
+    },
+    "node_modules/function-bind": {
+      "version": "1.1.2",
+      "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz",
+      "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==",
+      "dev": true,
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/get-tsconfig": {
+      "version": "4.13.6",
+      "resolved": "https://registry.npmjs.org/get-tsconfig/-/get-tsconfig-4.13.6.tgz",
+      "integrity": "sha512-shZT/QMiSHc/YBLxxOkMtgSid5HFoauqCE3/exfsEcwg1WkeqjG+V40yBbBrsD+jW2HDXcs28xOfcbm2jI8Ddw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "resolve-pkg-maps": "^1.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/privatenumber/get-tsconfig?sponsor=1"
+      }
+    },
+    "node_modules/giget": {
+      "version": "2.0.0",
+      "resolved": "https://registry.npmjs.org/giget/-/giget-2.0.0.tgz",
+      "integrity": "sha512-L5bGsVkxJbJgdnwyuheIunkGatUF/zssUoxxjACCseZYAVbaqdh9Tsmmlkl8vYan09H7sbvKt4pS8GqKLBrEzA==",
+      "devOptional": true,
+      "license": "MIT",
+      "dependencies": {
+        "citty": "^0.1.6",
+        "consola": "^3.4.0",
+        "defu": "^6.1.4",
+        "node-fetch-native": "^1.6.6",
+        "nypm": "^0.6.0",
+        "pathe": "^2.0.3"
+      },
+      "bin": {
+        "giget": "dist/cli.mjs"
+      }
+    },
+    "node_modules/glob-parent": {
+      "version": "6.0.2",
+      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-6.0.2.tgz",
+      "integrity": "sha512-XxwI8EOhVQgWp6iDL+3b0r86f4d6AX6zSU55HfB4ydCEuXLXc5FcYeOu+nnGftS4TEju/11rt4KJPTMgbfmv4A==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "is-glob": "^4.0.3"
+      },
+      "engines": {
+        "node": ">=10.13.0"
+      }
+    },
+    "node_modules/graceful-fs": {
+      "version": "4.2.11",
+      "resolved": "https://registry.npmjs.org/graceful-fs/-/graceful-fs-4.2.11.tgz",
+      "integrity": "sha512-RbJ5/jmFcNNCcDV5o9eTnBLJ/HszWV0P73bc+Ff4nS/rJj+YaS6IGyiOL0VoBYX+l1Wrl3k63h/KrH+nhJ0XvQ==",
+      "license": "ISC"
+    },
+    "node_modules/hasown": {
+      "version": "2.0.2",
+      "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz",
+      "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "function-bind": "^1.1.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      }
+    },
+    "node_modules/is-binary-path": {
+      "version": "2.1.0",
+      "resolved": "https://registry.npmjs.org/is-binary-path/-/is-binary-path-2.1.0.tgz",
+      "integrity": "sha512-ZMERYes6pDydyuGidse7OsHxtbI7WVeUEozgR/g7rd0xUimYNlvZRE/K2MgZTjWy725IfelLeVcEM97mmtRGXw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "binary-extensions": "^2.0.0"
+      },
+      "engines": {
+        "node": ">=8"
+      }
+    },
+    "node_modules/is-core-module": {
+      "version": "2.16.1",
+      "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.16.1.tgz",
+      "integrity": "sha512-UfoeMA6fIJ8wTYFEUjelnaGI67v6+N7qXJEvQuIGa99l4xsCruSYOVSQ0uPANn4dAzm8lkYPaKLrrijLq7x23w==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "hasown": "^2.0.2"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/is-extglob": {
+      "version": "2.1.1",
+      "resolved": "https://registry.npmjs.org/is-extglob/-/is-extglob-2.1.1.tgz",
+      "integrity": "sha512-SbKbANkN603Vi4jEZv49LeVJMn4yGwsbzZworEoyEiutsN3nJYdbO36zfhGJ6QEDpOZIFkDtnq5JRxmvl3jsoQ==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/is-glob": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/is-glob/-/is-glob-4.0.3.tgz",
+      "integrity": "sha512-xelSayHH36ZgE7ZWhli7pW34hNbNl8Ojv5KVmkJD4hBdD3th8Tfk9vYasLM+mXWOZhFkgZfxhLSnrwRr4elSSg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "is-extglob": "^2.1.1"
+      },
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/is-number": {
+      "version": "7.0.0",
+      "resolved": "https://registry.npmjs.org/is-number/-/is-number-7.0.0.tgz",
+      "integrity": "sha512-41Cifkg6e8TylSpdtTpeLVMqvSBEVzTttHvERD741+pnZ8ANv0004MRL43QKPDlK9cGvNp6NZWZUBlbGXYxxng==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.12.0"
+      }
+    },
+    "node_modules/jiti": {
+      "version": "2.6.1",
+      "resolved": "https://registry.npmjs.org/jiti/-/jiti-2.6.1.tgz",
+      "integrity": "sha512-ekilCSN1jwRvIbgeg/57YFh8qQDNbwDb9xT/qu2DAHbFFZUicIl4ygVaAvzveMhMVr3LnpSKTNnwt8PoOfmKhQ==",
+      "devOptional": true,
+      "license": "MIT",
+      "bin": {
+        "jiti": "lib/jiti-cli.mjs"
+      }
+    },
+    "node_modules/jose": {
+      "version": "4.15.9",
+      "resolved": "https://registry.npmjs.org/jose/-/jose-4.15.9.tgz",
+      "integrity": "sha512-1vUQX+IdDMVPj4k8kOxgUqlcK518yluMuGZwqlr44FS1ppZB/5GWh4rZG89erpOBOJjU/OBsnCVFfapsRz6nEA==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
+    "node_modules/js-tokens": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/js-tokens/-/js-tokens-4.0.0.tgz",
+      "integrity": "sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==",
+      "license": "MIT"
+    },
+    "node_modules/lilconfig": {
+      "version": "3.1.3",
+      "resolved": "https://registry.npmjs.org/lilconfig/-/lilconfig-3.1.3.tgz",
+      "integrity": "sha512-/vlFKAoH5Cgt3Ie+JLhRbwOsCQePABiU3tJ1egGvyQ+33R/vcwM2Zl2QR/LzjsBeItPt3oSVXapn+m4nQDvpzw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=14"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/antonk52"
+      }
+    },
+    "node_modules/lines-and-columns": {
+      "version": "1.2.4",
+      "resolved": "https://registry.npmjs.org/lines-and-columns/-/lines-and-columns-1.2.4.tgz",
+      "integrity": "sha512-7ylylesZQ/PV29jhEDl3Ufjo6ZX7gCqJr5F7PKrqc93v7fzSymt1BpwEU8nAUXs8qzzvqhbjhK5QZg6Mt/HkBg==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/loose-envify": {
+      "version": "1.4.0",
+      "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz",
+      "integrity": "sha512-lyuxPGr/Wfhrlem2CL/UcnUc1zcqKAImBDzukY7Y5F/yQiNdko6+fRLevlw1HgMySw7f611UIY408EtxRSoK3Q==",
+      "license": "MIT",
+      "dependencies": {
+        "js-tokens": "^3.0.0 || ^4.0.0"
+      },
+      "bin": {
+        "loose-envify": "cli.js"
+      }
+    },
+    "node_modules/lru-cache": {
+      "version": "6.0.0",
+      "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz",
+      "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==",
+      "license": "ISC",
+      "dependencies": {
+        "yallist": "^4.0.0"
+      },
+      "engines": {
+        "node": ">=10"
+      }
+    },
+    "node_modules/merge2": {
+      "version": "1.4.1",
+      "resolved": "https://registry.npmjs.org/merge2/-/merge2-1.4.1.tgz",
+      "integrity": "sha512-8q7VEgMJW4J8tcfVPy8g09NcQwZdbwFEqhe/WZkoIzjn/3TGDwtOCYtXGxA3O8tPzpczCCDgv+P2P5y00ZJOOg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 8"
+      }
+    },
+    "node_modules/micromatch": {
+      "version": "4.0.8",
+      "resolved": "https://registry.npmjs.org/micromatch/-/micromatch-4.0.8.tgz",
+      "integrity": "sha512-PXwfBhYu0hBCPw8Dn0E+WDYb7af3dSLVWKi3HGv84IdF4TyFoC0ysxFd0Goxw7nSv4T/PzEJQxsYsEiFCKo2BA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "braces": "^3.0.3",
+        "picomatch": "^2.3.1"
+      },
+      "engines": {
+        "node": ">=8.6"
+      }
+    },
+    "node_modules/micromatch/node_modules/picomatch": {
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
+      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=8.6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/mz": {
+      "version": "2.7.0",
+      "resolved": "https://registry.npmjs.org/mz/-/mz-2.7.0.tgz",
+      "integrity": "sha512-z81GNO7nnYMEhrGh9LeymoE4+Yr0Wn5McHIZMK5cfQCl+NDX08sCZgUc9/6MHni9IWuFLm1Z3HTCXu2z9fN62Q==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "any-promise": "^1.0.0",
+        "object-assign": "^4.0.1",
+        "thenify-all": "^1.0.0"
+      }
+    },
+    "node_modules/nanoid": {
+      "version": "3.3.11",
+      "resolved": "https://registry.npmjs.org/nanoid/-/nanoid-3.3.11.tgz",
+      "integrity": "sha512-N8SpfPUnUp1bK+PMYW8qSWdl9U+wwNWI4QKxOYDy9JAro3WMX7p2OeVRF9v+347pnakNevPmiHhNmZ2HbFA76w==",
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "bin": {
+        "nanoid": "bin/nanoid.cjs"
+      },
+      "engines": {
+        "node": "^10 || ^12 || ^13.7 || ^14 || >=15.0.1"
+      }
+    },
+    "node_modules/next": {
+      "version": "14.2.35",
+      "resolved": "https://registry.npmjs.org/next/-/next-14.2.35.tgz",
+      "integrity": "sha512-KhYd2Hjt/O1/1aZVX3dCwGXM1QmOV4eNM2UTacK5gipDdPN/oHHK/4oVGy7X8GMfPMsUTUEmGlsy0EY1YGAkig==",
+      "license": "MIT",
+      "dependencies": {
+        "@next/env": "14.2.35",
+        "@swc/helpers": "0.5.5",
+        "busboy": "1.6.0",
+        "caniuse-lite": "^1.0.30001579",
+        "graceful-fs": "^4.2.11",
+        "postcss": "8.4.31",
+        "styled-jsx": "5.1.1"
+      },
+      "bin": {
+        "next": "dist/bin/next"
+      },
+      "engines": {
+        "node": ">=18.17.0"
+      },
+      "optionalDependencies": {
+        "@next/swc-darwin-arm64": "14.2.33",
+        "@next/swc-darwin-x64": "14.2.33",
+        "@next/swc-linux-arm64-gnu": "14.2.33",
+        "@next/swc-linux-arm64-musl": "14.2.33",
+        "@next/swc-linux-x64-gnu": "14.2.33",
+        "@next/swc-linux-x64-musl": "14.2.33",
+        "@next/swc-win32-arm64-msvc": "14.2.33",
+        "@next/swc-win32-ia32-msvc": "14.2.33",
+        "@next/swc-win32-x64-msvc": "14.2.33"
+      },
+      "peerDependencies": {
+        "@opentelemetry/api": "^1.1.0",
+        "@playwright/test": "^1.41.2",
+        "react": "^18.2.0",
+        "react-dom": "^18.2.0",
+        "sass": "^1.3.0"
+      },
+      "peerDependenciesMeta": {
+        "@opentelemetry/api": {
+          "optional": true
+        },
+        "@playwright/test": {
+          "optional": true
+        },
+        "sass": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/next-auth": {
+      "version": "4.24.13",
+      "resolved": "https://registry.npmjs.org/next-auth/-/next-auth-4.24.13.tgz",
+      "integrity": "sha512-sgObCfcfL7BzIK76SS5TnQtc3yo2Oifp/yIpfv6fMfeBOiBJkDWF3A2y9+yqnmJ4JKc2C+nMjSjmgDeTwgN1rQ==",
+      "license": "ISC",
+      "dependencies": {
+        "@babel/runtime": "^7.20.13",
+        "@panva/hkdf": "^1.0.2",
+        "cookie": "^0.7.0",
+        "jose": "^4.15.5",
+        "oauth": "^0.9.15",
+        "openid-client": "^5.4.0",
+        "preact": "^10.6.3",
+        "preact-render-to-string": "^5.1.19",
+        "uuid": "^8.3.2"
+      },
+      "peerDependencies": {
+        "@auth/core": "0.34.3",
+        "next": "^12.2.5 || ^13 || ^14 || ^15 || ^16",
+        "nodemailer": "^7.0.7",
+        "react": "^17.0.2 || ^18 || ^19",
+        "react-dom": "^17.0.2 || ^18 || ^19"
+      },
+      "peerDependenciesMeta": {
+        "@auth/core": {
+          "optional": true
+        },
+        "nodemailer": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/next/node_modules/postcss": {
+      "version": "8.4.31",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.4.31.tgz",
+      "integrity": "sha512-PS08Iboia9mts/2ygV3eLpY5ghnUcfLV/EXTOW1E2qYxJKGGBUtNjN76FYHnMs36RmARn41bC0AZmn+rR0OVpQ==",
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/postcss"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "nanoid": "^3.3.6",
+        "picocolors": "^1.0.0",
+        "source-map-js": "^1.0.2"
+      },
+      "engines": {
+        "node": "^10 || ^12 || >=14"
+      }
+    },
+    "node_modules/node-fetch-native": {
+      "version": "1.6.7",
+      "resolved": "https://registry.npmjs.org/node-fetch-native/-/node-fetch-native-1.6.7.tgz",
+      "integrity": "sha512-g9yhqoedzIUm0nTnTqAQvueMPVOuIY16bqgAJJC8XOOubYFNwz6IER9qs0Gq2Xd0+CecCKFjtdDTMA4u4xG06Q==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/node-releases": {
+      "version": "2.0.27",
+      "resolved": "https://registry.npmjs.org/node-releases/-/node-releases-2.0.27.tgz",
+      "integrity": "sha512-nmh3lCkYZ3grZvqcCH+fjmQ7X+H0OeZgP40OierEaAptX4XofMh5kwNbWh7lBduUzCcV/8kZ+NDLCwm2iorIlA==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/nodemailer": {
+      "version": "7.0.13",
+      "resolved": "https://registry.npmjs.org/nodemailer/-/nodemailer-7.0.13.tgz",
+      "integrity": "sha512-PNDFSJdP+KFgdsG3ZzMXCgquO7I6McjY2vlqILjtJd0hy8wEvtugS9xKRF2NWlPNGxvLCXlTNIae4serI7dinw==",
+      "license": "MIT-0",
+      "peer": true,
+      "engines": {
+        "node": ">=6.0.0"
+      }
+    },
+    "node_modules/normalize-path": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/normalize-path/-/normalize-path-3.0.0.tgz",
+      "integrity": "sha512-6eZs5Ls3WtCisHWp9S2GUy8dqkpGi4BVSz3GaqiE6ezub0512ESztXUwUB6C6IKbQkY2Pnb/mD4WYojCRwcwLA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/nypm": {
+      "version": "0.6.5",
+      "resolved": "https://registry.npmjs.org/nypm/-/nypm-0.6.5.tgz",
+      "integrity": "sha512-K6AJy1GMVyfyMXRVB88700BJqNUkByijGJM8kEHpLdcAt+vSQAVfkWWHYzuRXHSY6xA2sNc5RjTj0p9rE2izVQ==",
+      "devOptional": true,
+      "license": "MIT",
+      "dependencies": {
+        "citty": "^0.2.0",
+        "pathe": "^2.0.3",
+        "tinyexec": "^1.0.2"
+      },
+      "bin": {
+        "nypm": "dist/cli.mjs"
+      },
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/nypm/node_modules/citty": {
+      "version": "0.2.0",
+      "resolved": "https://registry.npmjs.org/citty/-/citty-0.2.0.tgz",
+      "integrity": "sha512-8csy5IBFI2ex2hTVpaHN2j+LNE199AgiI7y4dMintrr8i0lQiFn+0AWMZrWdHKIgMOer65f8IThysYhoReqjWA==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/oauth": {
+      "version": "0.9.15",
+      "resolved": "https://registry.npmjs.org/oauth/-/oauth-0.9.15.tgz",
+      "integrity": "sha512-a5ERWK1kh38ExDEfoO6qUHJb32rd7aYmPHuyCu3Fta/cnICvYmgd2uhuKXvPD+PXB+gCEYYEaQdIRAjCOwAKNA==",
+      "license": "MIT"
+    },
+    "node_modules/object-assign": {
+      "version": "4.1.1",
+      "resolved": "https://registry.npmjs.org/object-assign/-/object-assign-4.1.1.tgz",
+      "integrity": "sha512-rJgTQnkUnH1sFw8yT6VSU3zD3sWmu6sZhIseY8VX+GRu3P6F7Fu+JNDoXfklElbLJSnc3FUQHVe4cU5hj+BcUg==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/object-hash": {
+      "version": "2.2.0",
+      "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-2.2.0.tgz",
+      "integrity": "sha512-gScRMn0bS5fH+IuwyIFgnh9zBdo4DV+6GhygmWM9HyNJSgS0hScp1f5vjtm7oIIOiT9trXrShAkLFSc2IqKNgw==",
+      "license": "MIT",
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/ohash": {
+      "version": "2.0.11",
+      "resolved": "https://registry.npmjs.org/ohash/-/ohash-2.0.11.tgz",
+      "integrity": "sha512-RdR9FQrFwNBNXAr4GixM8YaRZRJ5PUWbKYbE5eOsrwAjJW0q2REGcf79oYPsLyskQCZG1PLN+S/K1V00joZAoQ==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/oidc-token-hash": {
+      "version": "5.2.0",
+      "resolved": "https://registry.npmjs.org/oidc-token-hash/-/oidc-token-hash-5.2.0.tgz",
+      "integrity": "sha512-6gj2m8cJZ+iSW8bm0FXdGF0YhIQbKrfP4yWTNzxc31U6MOjfEmB1rHvlYvxI1B7t7BCi1F2vYTT6YhtQRG4hxw==",
+      "license": "MIT",
+      "engines": {
+        "node": "^10.13.0 || >=12.0.0"
+      }
+    },
+    "node_modules/openid-client": {
+      "version": "5.7.1",
+      "resolved": "https://registry.npmjs.org/openid-client/-/openid-client-5.7.1.tgz",
+      "integrity": "sha512-jDBPgSVfTnkIh71Hg9pRvtJc6wTwqjRkN88+gCFtYWrlP4Yx2Dsrow8uPi3qLr/aeymPF3o2+dS+wOpglK04ew==",
+      "license": "MIT",
+      "dependencies": {
+        "jose": "^4.15.9",
+        "lru-cache": "^6.0.0",
+        "object-hash": "^2.2.0",
+        "oidc-token-hash": "^5.0.3"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/panva"
+      }
+    },
+    "node_modules/path-parse": {
+      "version": "1.0.7",
+      "resolved": "https://registry.npmjs.org/path-parse/-/path-parse-1.0.7.tgz",
+      "integrity": "sha512-LDJzPVEEEPR+y48z93A0Ed0yXb8pAByGWo/k5YYdYgpY2/2EsOsksJrq7lOHxryrVOn1ejG6oAp8ahvOIQD8sw==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/pathe": {
+      "version": "2.0.3",
+      "resolved": "https://registry.npmjs.org/pathe/-/pathe-2.0.3.tgz",
+      "integrity": "sha512-WUjGcAqP1gQacoQe+OBJsFA7Ld4DyXuUIjZ5cc75cLHvJ7dtNsTugphxIADwspS+AraAUePCKrSVtPLFj/F88w==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/perfect-debounce": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/perfect-debounce/-/perfect-debounce-1.0.0.tgz",
+      "integrity": "sha512-xCy9V055GLEqoFaHoC1SoLIaLmWctgCUaBaWxDZ7/Zx4CTyX7cJQLJOok/orfjZAh9kEYpjJa4d0KcJmCbctZA==",
+      "devOptional": true,
+      "license": "MIT"
+    },
+    "node_modules/picocolors": {
+      "version": "1.1.1",
+      "resolved": "https://registry.npmjs.org/picocolors/-/picocolors-1.1.1.tgz",
+      "integrity": "sha512-xceH2snhtb5M9liqDsmEw56le376mTZkEX/jEb/RxNFyegNul7eNslCXP9FDj/Lcu0X8KEyMceP2ntpaHrDEVA==",
+      "license": "ISC"
+    },
+    "node_modules/picomatch": {
+      "version": "4.0.3",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-4.0.3.tgz",
+      "integrity": "sha512-5gTmgEY/sqK6gFXLIsQNH19lWb4ebPDLA4SdLP7dsWkIXHWlG66oPuVvXSGFPppYZz8ZDZq0dYYrbHfBCVUb1Q==",
+      "dev": true,
+      "license": "MIT",
+      "peer": true,
+      "engines": {
+        "node": ">=12"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/pify": {
+      "version": "2.3.0",
+      "resolved": "https://registry.npmjs.org/pify/-/pify-2.3.0.tgz",
+      "integrity": "sha512-udgsAY+fTnvv7kI7aaxbqwWNb0AHiB0qBO89PZKPkoTmGOgdbrHDKD+0B2X4uTfJ/FT1R09r9gTsjUjNJotuog==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/pirates": {
+      "version": "4.0.7",
+      "resolved": "https://registry.npmjs.org/pirates/-/pirates-4.0.7.tgz",
+      "integrity": "sha512-TfySrs/5nm8fQJDcBDuUng3VOUKsd7S+zqvbOTiGXHfxX4wK31ard+hoNuvkicM/2YFzlpDgABOevKSsB4G/FA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/pkg-types": {
+      "version": "2.3.0",
+      "resolved": "https://registry.npmjs.org/pkg-types/-/pkg-types-2.3.0.tgz",
+      "integrity": "sha512-SIqCzDRg0s9npO5XQ3tNZioRY1uK06lA41ynBC1YmFTmnY6FjUjVt6s4LoADmwoig1qqD0oK8h1p/8mlMx8Oig==",
+      "devOptional": true,
+      "license": "MIT",
+      "dependencies": {
+        "confbox": "^0.2.2",
+        "exsolve": "^1.0.7",
+        "pathe": "^2.0.3"
+      }
+    },
+    "node_modules/postcss": {
+      "version": "8.5.6",
+      "resolved": "https://registry.npmjs.org/postcss/-/postcss-8.5.6.tgz",
+      "integrity": "sha512-3Ybi1tAuwAP9s0r1UQ2J4n5Y0G05bJkpUIO0/bI9MhwmD70S5aTWbXGBwxHrelT+XM1k6dM0pk+SwNkpTRN7Pg==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/postcss"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "nanoid": "^3.3.11",
+        "picocolors": "^1.1.1",
+        "source-map-js": "^1.2.1"
+      },
+      "engines": {
+        "node": "^10 || ^12 || >=14"
+      }
+    },
+    "node_modules/postcss-import": {
+      "version": "15.1.0",
+      "resolved": "https://registry.npmjs.org/postcss-import/-/postcss-import-15.1.0.tgz",
+      "integrity": "sha512-hpr+J05B2FVYUAXHeK1YyI267J/dDDhMU6B6civm8hSY1jYJnBXxzKDKDswzJmtLHryrjhnDjqqp/49t8FALew==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "postcss-value-parser": "^4.0.0",
+        "read-cache": "^1.0.0",
+        "resolve": "^1.1.7"
+      },
+      "engines": {
+        "node": ">=14.0.0"
+      },
+      "peerDependencies": {
+        "postcss": "^8.0.0"
+      }
+    },
+    "node_modules/postcss-js": {
+      "version": "4.1.0",
+      "resolved": "https://registry.npmjs.org/postcss-js/-/postcss-js-4.1.0.tgz",
+      "integrity": "sha512-oIAOTqgIo7q2EOwbhb8UalYePMvYoIeRY2YKntdpFQXNosSu3vLrniGgmH9OKs/qAkfoj5oB3le/7mINW1LCfw==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "camelcase-css": "^2.0.1"
+      },
+      "engines": {
+        "node": "^12 || ^14 || >= 16"
+      },
+      "peerDependencies": {
+        "postcss": "^8.4.21"
+      }
+    },
+    "node_modules/postcss-load-config": {
+      "version": "6.0.1",
+      "resolved": "https://registry.npmjs.org/postcss-load-config/-/postcss-load-config-6.0.1.tgz",
+      "integrity": "sha512-oPtTM4oerL+UXmx+93ytZVN82RrlY/wPUV8IeDxFrzIjXOLF1pN+EmKPLbubvKHT2HC20xXsCAH2Z+CKV6Oz/g==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "lilconfig": "^3.1.1"
+      },
+      "engines": {
+        "node": ">= 18"
+      },
+      "peerDependencies": {
+        "jiti": ">=1.21.0",
+        "postcss": ">=8.0.9",
+        "tsx": "^4.8.1",
+        "yaml": "^2.4.2"
+      },
+      "peerDependenciesMeta": {
+        "jiti": {
+          "optional": true
+        },
+        "postcss": {
+          "optional": true
+        },
+        "tsx": {
+          "optional": true
+        },
+        "yaml": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/postcss-nested": {
+      "version": "6.2.0",
+      "resolved": "https://registry.npmjs.org/postcss-nested/-/postcss-nested-6.2.0.tgz",
+      "integrity": "sha512-HQbt28KulC5AJzG+cZtj9kvKB93CFCdLvog1WFLf1D+xmMvPGlBstkpTEZfK5+AN9hfJocyBFCNiqyS48bpgzQ==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/postcss/"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "postcss-selector-parser": "^6.1.1"
+      },
+      "engines": {
+        "node": ">=12.0"
+      },
+      "peerDependencies": {
+        "postcss": "^8.2.14"
+      }
+    },
+    "node_modules/postcss-selector-parser": {
+      "version": "6.1.2",
+      "resolved": "https://registry.npmjs.org/postcss-selector-parser/-/postcss-selector-parser-6.1.2.tgz",
+      "integrity": "sha512-Q8qQfPiZ+THO/3ZrOrO0cJJKfpYCagtMUkXbnEfmgUjwXg6z/WBeOyS9APBBPCTSiDV+s4SwQGu8yFsiMRIudg==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "cssesc": "^3.0.0",
+        "util-deprecate": "^1.0.2"
+      },
+      "engines": {
+        "node": ">=4"
+      }
+    },
+    "node_modules/postcss-value-parser": {
+      "version": "4.2.0",
+      "resolved": "https://registry.npmjs.org/postcss-value-parser/-/postcss-value-parser-4.2.0.tgz",
+      "integrity": "sha512-1NNCs6uurfkVbeXG4S8JFT9t19m45ICnif8zWLd5oPSZ50QnwMfK+H3jv408d4jw/7Bttv5axS5IiHoLaVNHeQ==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/preact": {
+      "version": "10.28.3",
+      "resolved": "https://registry.npmjs.org/preact/-/preact-10.28.3.tgz",
+      "integrity": "sha512-tCmoRkPQLpBeWzpmbhryairGnhW9tKV6c6gr/w+RhoRoKEJwsjzipwp//1oCpGPOchvSLaAPlpcJi9MwMmoPyA==",
+      "license": "MIT",
+      "peer": true,
+      "funding": {
+        "type": "opencollective",
+        "url": "https://opencollective.com/preact"
+      }
+    },
+    "node_modules/preact-render-to-string": {
+      "version": "5.2.6",
+      "resolved": "https://registry.npmjs.org/preact-render-to-string/-/preact-render-to-string-5.2.6.tgz",
+      "integrity": "sha512-JyhErpYOvBV1hEPwIxc/fHWXPfnEGdRKxc8gFdAZ7XV4tlzyzG847XAyEZqoDnynP88akM4eaHcSOzNcLWFguw==",
+      "license": "MIT",
+      "dependencies": {
+        "pretty-format": "^3.8.0"
+      },
+      "peerDependencies": {
+        "preact": ">=10"
+      }
+    },
+    "node_modules/pretty-format": {
+      "version": "3.8.0",
+      "resolved": "https://registry.npmjs.org/pretty-format/-/pretty-format-3.8.0.tgz",
+      "integrity": "sha512-WuxUnVtlWL1OfZFQFuqvnvs6MiAGk9UNsBostyBOB0Is9wb5uRESevA6rnl/rkksXaGX3GzZhPup5d6Vp1nFew==",
+      "license": "MIT"
+    },
+    "node_modules/prisma": {
+      "version": "6.19.2",
+      "resolved": "https://registry.npmjs.org/prisma/-/prisma-6.19.2.tgz",
+      "integrity": "sha512-XTKeKxtQElcq3U9/jHyxSPgiRgeYDKxWTPOf6NkXA0dNj5j40MfEsZkMbyNpwDWCUv7YBFUl7I2VK/6ALbmhEg==",
+      "devOptional": true,
+      "hasInstallScript": true,
+      "license": "Apache-2.0",
+      "peer": true,
+      "dependencies": {
+        "@prisma/config": "6.19.2",
+        "@prisma/engines": "6.19.2"
+      },
+      "bin": {
+        "prisma": "build/index.js"
+      },
+      "engines": {
+        "node": ">=18.18"
+      },
+      "peerDependencies": {
+        "typescript": ">=5.1.0"
+      },
+      "peerDependenciesMeta": {
+        "typescript": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/pure-rand": {
+      "version": "6.1.0",
+      "resolved": "https://registry.npmjs.org/pure-rand/-/pure-rand-6.1.0.tgz",
+      "integrity": "sha512-bVWawvoZoBYpp6yIoQtQXHZjmz35RSVHnUOTefl8Vcjr8snTPY1wnpSPMWekcFwbxI6gtmT7rSYPFvz71ldiOA==",
+      "devOptional": true,
+      "funding": [
+        {
+          "type": "individual",
+          "url": "https://github.com/sponsors/dubzzz"
+        },
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/fast-check"
+        }
+      ],
+      "license": "MIT"
+    },
+    "node_modules/queue-microtask": {
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/queue-microtask/-/queue-microtask-1.2.3.tgz",
+      "integrity": "sha512-NuaNSa6flKT5JaSYQzJok04JzTL1CA6aGhv5rfLW3PgqA+M2ChpZQnAC8h8i4ZFkBS8X5RqkDBHA7r4hej3K9A==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/feross"
+        },
+        {
+          "type": "patreon",
+          "url": "https://www.patreon.com/feross"
+        },
+        {
+          "type": "consulting",
+          "url": "https://feross.org/support"
+        }
+      ],
+      "license": "MIT"
+    },
+    "node_modules/rc9": {
+      "version": "2.1.2",
+      "resolved": "https://registry.npmjs.org/rc9/-/rc9-2.1.2.tgz",
+      "integrity": "sha512-btXCnMmRIBINM2LDZoEmOogIZU7Qe7zn4BpomSKZ/ykbLObuBdvG+mFq11DL6fjH1DRwHhrlgtYWG96bJiC7Cg==",
+      "devOptional": true,
+      "license": "MIT",
+      "dependencies": {
+        "defu": "^6.1.4",
+        "destr": "^2.0.3"
+      }
+    },
+    "node_modules/react": {
+      "version": "18.3.1",
+      "resolved": "https://registry.npmjs.org/react/-/react-18.3.1.tgz",
+      "integrity": "sha512-wS+hAgJShR0KhEvPJArfuPVN1+Hz1t0Y6n5jLrGQbkb4urgPE/0Rve+1kMB1v/oWgHgm4WIcV+i7F2pTVj+2iQ==",
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "loose-envify": "^1.1.0"
+      },
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/react-dom": {
+      "version": "18.3.1",
+      "resolved": "https://registry.npmjs.org/react-dom/-/react-dom-18.3.1.tgz",
+      "integrity": "sha512-5m4nQKp+rZRb09LNH59GM4BxTh9251/ylbKIbpe7TpGxfJ+9kv6BLkLBXIjjspbgbnIBNqlI23tRnTWT0snUIw==",
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "loose-envify": "^1.1.0",
+        "scheduler": "^0.23.2"
+      },
+      "peerDependencies": {
+        "react": "^18.3.1"
+      }
+    },
+    "node_modules/read-cache": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/read-cache/-/read-cache-1.0.0.tgz",
+      "integrity": "sha512-Owdv/Ft7IjOgm/i0xvNDZ1LrRANRfew4b2prF3OWMQLxLfu3bS8FVhCsrSCMK4lR56Y9ya+AThoTpDCTxCmpRA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "pify": "^2.3.0"
+      }
+    },
+    "node_modules/readdirp": {
+      "version": "4.1.2",
+      "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-4.1.2.tgz",
+      "integrity": "sha512-GDhwkLfywWL2s6vEjyhri+eXmfH6j1L7JE27WhqLeYzoh/A3DBaYGEj2H/HFZCn/kMfim73FXxEJTw06WtxQwg==",
+      "devOptional": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 14.18.0"
+      },
+      "funding": {
+        "type": "individual",
+        "url": "https://paulmillr.com/funding/"
+      }
+    },
+    "node_modules/resolve": {
+      "version": "1.22.11",
+      "resolved": "https://registry.npmjs.org/resolve/-/resolve-1.22.11.tgz",
+      "integrity": "sha512-RfqAvLnMl313r7c9oclB1HhUEAezcpLjz95wFH4LVuhk9JF/r22qmVP9AMmOU4vMX7Q8pN8jwNg/CSpdFnMjTQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "is-core-module": "^2.16.1",
+        "path-parse": "^1.0.7",
+        "supports-preserve-symlinks-flag": "^1.0.0"
+      },
+      "bin": {
+        "resolve": "bin/resolve"
+      },
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/resolve-pkg-maps": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/resolve-pkg-maps/-/resolve-pkg-maps-1.0.0.tgz",
+      "integrity": "sha512-seS2Tj26TBVOC2NIc2rOe2y2ZO7efxITtLZcGSOnHHNOQ7CkiUBfw0Iw2ck6xkIhPwLhKNLS8BO+hEpngQlqzw==",
+      "dev": true,
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/privatenumber/resolve-pkg-maps?sponsor=1"
+      }
+    },
+    "node_modules/reusify": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/reusify/-/reusify-1.1.0.tgz",
+      "integrity": "sha512-g6QUff04oZpHs0eG5p83rFLhHeV00ug/Yf9nZM6fLeUrPguBTkTQOdpAWWspMh55TZfVQDPaN3NQJfbVRAxdIw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "iojs": ">=1.0.0",
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/run-parallel": {
+      "version": "1.2.0",
+      "resolved": "https://registry.npmjs.org/run-parallel/-/run-parallel-1.2.0.tgz",
+      "integrity": "sha512-5l4VyZR86LZ/lDxZTR6jqL8AFE2S0IFLMP26AbjsLVADxHdhB/c0GUsH+y39UfCi3dzz8OlQuPmnaJOMoDHQBA==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/feross"
+        },
+        {
+          "type": "patreon",
+          "url": "https://www.patreon.com/feross"
+        },
+        {
+          "type": "consulting",
+          "url": "https://feross.org/support"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "queue-microtask": "^1.2.2"
+      }
+    },
+    "node_modules/scheduler": {
+      "version": "0.23.2",
+      "resolved": "https://registry.npmjs.org/scheduler/-/scheduler-0.23.2.tgz",
+      "integrity": "sha512-UOShsPwz7NrMUqhR6t0hWjFduvOzbtv7toDH1/hIrfRNIDBnnBWd0CwJTGvTpngVlmwGCdP9/Zl/tVrDqcuYzQ==",
+      "license": "MIT",
+      "dependencies": {
+        "loose-envify": "^1.1.0"
+      }
+    },
+    "node_modules/source-map-js": {
+      "version": "1.2.1",
+      "resolved": "https://registry.npmjs.org/source-map-js/-/source-map-js-1.2.1.tgz",
+      "integrity": "sha512-UXWMKhLOwVKb728IUtQPXxfYU+usdybtUrK/8uGE8CQMvrhOpwvzDBwj0QhSL7MQc7vIsISBG8VQ8+IDQxpfQA==",
+      "license": "BSD-3-Clause",
+      "engines": {
+        "node": ">=0.10.0"
+      }
+    },
+    "node_modules/streamsearch": {
+      "version": "1.1.0",
+      "resolved": "https://registry.npmjs.org/streamsearch/-/streamsearch-1.1.0.tgz",
+      "integrity": "sha512-Mcc5wHehp9aXz1ax6bZUyY5afg9u2rv5cqQI3mRrYkGC8rW2hM02jWuwjtL++LS5qinSyhj2QfLyNsuc+VsExg==",
+      "engines": {
+        "node": ">=10.0.0"
+      }
+    },
+    "node_modules/styled-jsx": {
+      "version": "5.1.1",
+      "resolved": "https://registry.npmjs.org/styled-jsx/-/styled-jsx-5.1.1.tgz",
+      "integrity": "sha512-pW7uC1l4mBZ8ugbiZrcIsiIvVx1UmTfw7UkC3Um2tmfUq9Bhk8IiyEIPl6F8agHgjzku6j0xQEZbfA5uSgSaCw==",
+      "license": "MIT",
+      "dependencies": {
+        "client-only": "0.0.1"
+      },
+      "engines": {
+        "node": ">= 12.0.0"
+      },
+      "peerDependencies": {
+        "react": ">= 16.8.0 || 17.x.x || ^18.0.0-0"
+      },
+      "peerDependenciesMeta": {
+        "@babel/core": {
+          "optional": true
+        },
+        "babel-plugin-macros": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/sucrase": {
+      "version": "3.35.1",
+      "resolved": "https://registry.npmjs.org/sucrase/-/sucrase-3.35.1.tgz",
+      "integrity": "sha512-DhuTmvZWux4H1UOnWMB3sk0sbaCVOoQZjv8u1rDoTV0HTdGem9hkAZtl4JZy8P2z4Bg0nT+YMeOFyVr4zcG5Tw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@jridgewell/gen-mapping": "^0.3.2",
+        "commander": "^4.0.0",
+        "lines-and-columns": "^1.1.6",
+        "mz": "^2.7.0",
+        "pirates": "^4.0.1",
+        "tinyglobby": "^0.2.11",
+        "ts-interface-checker": "^0.1.9"
+      },
+      "bin": {
+        "sucrase": "bin/sucrase",
+        "sucrase-node": "bin/sucrase-node"
+      },
+      "engines": {
+        "node": ">=16 || 14 >=14.17"
+      }
+    },
+    "node_modules/supports-preserve-symlinks-flag": {
+      "version": "1.0.0",
+      "resolved": "https://registry.npmjs.org/supports-preserve-symlinks-flag/-/supports-preserve-symlinks-flag-1.0.0.tgz",
+      "integrity": "sha512-ot0WnXS9fgdkgIcePe6RHNk1WA8+muPa6cSjeR3V8K27q9BB1rTE3R1p7Hv0z1ZyAc8s6Vvv8DIyWf681MAt0w==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 0.4"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/ljharb"
+      }
+    },
+    "node_modules/tailwindcss": {
+      "version": "3.4.19",
+      "resolved": "https://registry.npmjs.org/tailwindcss/-/tailwindcss-3.4.19.tgz",
+      "integrity": "sha512-3ofp+LL8E+pK/JuPLPggVAIaEuhvIz4qNcf3nA1Xn2o/7fb7s/TYpHhwGDv1ZU3PkBluUVaF8PyCHcm48cKLWQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "@alloc/quick-lru": "^5.2.0",
+        "arg": "^5.0.2",
+        "chokidar": "^3.6.0",
+        "didyoumean": "^1.2.2",
+        "dlv": "^1.1.3",
+        "fast-glob": "^3.3.2",
+        "glob-parent": "^6.0.2",
+        "is-glob": "^4.0.3",
+        "jiti": "^1.21.7",
+        "lilconfig": "^3.1.3",
+        "micromatch": "^4.0.8",
+        "normalize-path": "^3.0.0",
+        "object-hash": "^3.0.0",
+        "picocolors": "^1.1.1",
+        "postcss": "^8.4.47",
+        "postcss-import": "^15.1.0",
+        "postcss-js": "^4.0.1",
+        "postcss-load-config": "^4.0.2 || ^5.0 || ^6.0",
+        "postcss-nested": "^6.2.0",
+        "postcss-selector-parser": "^6.1.2",
+        "resolve": "^1.22.8",
+        "sucrase": "^3.35.0"
+      },
+      "bin": {
+        "tailwind": "lib/cli.js",
+        "tailwindcss": "lib/cli.js"
+      },
+      "engines": {
+        "node": ">=14.0.0"
+      }
+    },
+    "node_modules/tailwindcss/node_modules/chokidar": {
+      "version": "3.6.0",
+      "resolved": "https://registry.npmjs.org/chokidar/-/chokidar-3.6.0.tgz",
+      "integrity": "sha512-7VT13fmjotKpGipCW9JEQAusEPE+Ei8nl6/g4FBAmIm0GOOLMua9NDDo/DWp0ZAxCr3cPq5ZpBqmPAQgDda2Pw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "anymatch": "~3.1.2",
+        "braces": "~3.0.2",
+        "glob-parent": "~5.1.2",
+        "is-binary-path": "~2.1.0",
+        "is-glob": "~4.0.1",
+        "normalize-path": "~3.0.0",
+        "readdirp": "~3.6.0"
+      },
+      "engines": {
+        "node": ">= 8.10.0"
+      },
+      "funding": {
+        "url": "https://paulmillr.com/funding/"
+      },
+      "optionalDependencies": {
+        "fsevents": "~2.3.2"
+      }
+    },
+    "node_modules/tailwindcss/node_modules/chokidar/node_modules/glob-parent": {
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+      "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
+      "dev": true,
+      "license": "ISC",
+      "dependencies": {
+        "is-glob": "^4.0.1"
+      },
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/tailwindcss/node_modules/jiti": {
+      "version": "1.21.7",
+      "resolved": "https://registry.npmjs.org/jiti/-/jiti-1.21.7.tgz",
+      "integrity": "sha512-/imKNG4EbWNrVjoNC/1H5/9GFy+tqjGBHCaSsN+P2RnPqjsLmv6UD3Ej+Kj8nBWaRAwyk7kK5ZUc+OEatnTR3A==",
+      "dev": true,
+      "license": "MIT",
+      "bin": {
+        "jiti": "bin/jiti.js"
+      }
+    },
+    "node_modules/tailwindcss/node_modules/object-hash": {
+      "version": "3.0.0",
+      "resolved": "https://registry.npmjs.org/object-hash/-/object-hash-3.0.0.tgz",
+      "integrity": "sha512-RSn9F68PjH9HqtltsSnqYC1XXoWe9Bju5+213R98cNGttag9q9yAOTzdbsqvIa7aNm5WffBZFpWYr2aWrklWAw==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">= 6"
+      }
+    },
+    "node_modules/tailwindcss/node_modules/picomatch": {
+      "version": "2.3.1",
+      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.1.tgz",
+      "integrity": "sha512-JU3teHTNjmE2VCGFzuY8EXzCDVwEqB2a8fsIvwaStHhAWJEeVd1o1QD80CU6+ZdEXXSLbSsuLwJjkCBWqRQUVA==",
+      "dev": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=8.6"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/jonschlinkert"
+      }
+    },
+    "node_modules/tailwindcss/node_modules/readdirp": {
+      "version": "3.6.0",
+      "resolved": "https://registry.npmjs.org/readdirp/-/readdirp-3.6.0.tgz",
+      "integrity": "sha512-hOS089on8RduqdbhvQ5Z37A0ESjsqz6qnRcffsMU3495FuTdqSm+7bhJ29JvIOsBDEEnan5DPu9t3To9VRlMzA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "picomatch": "^2.2.1"
+      },
+      "engines": {
+        "node": ">=8.10.0"
+      }
+    },
+    "node_modules/thenify": {
+      "version": "3.3.1",
+      "resolved": "https://registry.npmjs.org/thenify/-/thenify-3.3.1.tgz",
+      "integrity": "sha512-RVZSIV5IG10Hk3enotrhvz0T9em6cyHBLkH/YAZuKqd8hRkKhSfCGIcP2KUY0EPxndzANBmNllzWPwak+bheSw==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "any-promise": "^1.0.0"
+      }
+    },
+    "node_modules/thenify-all": {
+      "version": "1.6.0",
+      "resolved": "https://registry.npmjs.org/thenify-all/-/thenify-all-1.6.0.tgz",
+      "integrity": "sha512-RNxQH/qI8/t3thXJDwcstUO4zeqo64+Uy/+sNVRBx4Xn2OX+OZ9oP+iJnNFqplFra2ZUVeKCSa2oVWi3T4uVmA==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "thenify": ">= 3.1.0 < 4"
+      },
+      "engines": {
+        "node": ">=0.8"
+      }
+    },
+    "node_modules/tinyexec": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/tinyexec/-/tinyexec-1.0.2.tgz",
+      "integrity": "sha512-W/KYk+NFhkmsYpuHq5JykngiOCnxeVL8v8dFnqxSD8qEEdRfXk1SDM6JzNqcERbcGYj9tMrDQBYV9cjgnunFIg==",
+      "devOptional": true,
+      "license": "MIT",
+      "engines": {
+        "node": ">=18"
+      }
+    },
+    "node_modules/tinyglobby": {
+      "version": "0.2.15",
+      "resolved": "https://registry.npmjs.org/tinyglobby/-/tinyglobby-0.2.15.tgz",
+      "integrity": "sha512-j2Zq4NyQYG5XMST4cbs02Ak8iJUdxRM0XI5QyxXuZOzKOINmWurp3smXu3y5wDcJrptwpSjgXHzIQxR0omXljQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "fdir": "^6.5.0",
+        "picomatch": "^4.0.3"
+      },
+      "engines": {
+        "node": ">=12.0.0"
+      },
+      "funding": {
+        "url": "https://github.com/sponsors/SuperchupuDev"
+      }
+    },
+    "node_modules/to-regex-range": {
+      "version": "5.0.1",
+      "resolved": "https://registry.npmjs.org/to-regex-range/-/to-regex-range-5.0.1.tgz",
+      "integrity": "sha512-65P7iz6X5yEr1cwcgvQxbbIw7Uk3gOy5dIdtZ4rDveLqhrdJP+Li/Hx6tyK0NEb+2GCyneCMJiGqrADCSNk8sQ==",
+      "dev": true,
+      "license": "MIT",
+      "dependencies": {
+        "is-number": "^7.0.0"
+      },
+      "engines": {
+        "node": ">=8.0"
+      }
+    },
+    "node_modules/ts-interface-checker": {
+      "version": "0.1.13",
+      "resolved": "https://registry.npmjs.org/ts-interface-checker/-/ts-interface-checker-0.1.13.tgz",
+      "integrity": "sha512-Y/arvbn+rrz3JCKl9C4kVNfTfSm2/mEp5FSz5EsZSANGPSlQrpRI5M4PKF+mJnE52jOO90PnPSc3Ur3bTQw0gA==",
+      "dev": true,
+      "license": "Apache-2.0"
+    },
+    "node_modules/tslib": {
+      "version": "2.8.1",
+      "resolved": "https://registry.npmjs.org/tslib/-/tslib-2.8.1.tgz",
+      "integrity": "sha512-oJFu94HQb+KVduSUQL7wnpmqnfmLsOA/nAh6b6EH0wCEoK0/mPeXU6c3wKDV83MkOuHPRHtSXKKU99IBazS/2w==",
+      "license": "0BSD"
+    },
+    "node_modules/tsx": {
+      "version": "4.21.0",
+      "resolved": "https://registry.npmjs.org/tsx/-/tsx-4.21.0.tgz",
+      "integrity": "sha512-5C1sg4USs1lfG0GFb2RLXsdpXqBSEhAaA/0kPL01wxzpMqLILNxIxIOKiILz+cdg/pLnOUxFYOR5yhHU666wbw==",
+      "dev": true,
+      "license": "MIT",
+      "peer": true,
+      "dependencies": {
+        "esbuild": "~0.27.0",
+        "get-tsconfig": "^4.7.5"
+      },
+      "bin": {
+        "tsx": "dist/cli.mjs"
+      },
+      "engines": {
+        "node": ">=18.0.0"
+      },
+      "optionalDependencies": {
+        "fsevents": "~2.3.3"
+      }
+    },
+    "node_modules/typescript": {
+      "version": "5.9.3",
+      "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.9.3.tgz",
+      "integrity": "sha512-jl1vZzPDinLr9eUt3J/t7V6FgNEw9QjvBPdysz9KfQDD41fQrC2Y4vKQdiaUpFT4bXlb1RHhLpp8wtm6M5TgSw==",
+      "devOptional": true,
+      "license": "Apache-2.0",
+      "peer": true,
+      "bin": {
+        "tsc": "bin/tsc",
+        "tsserver": "bin/tsserver"
+      },
+      "engines": {
+        "node": ">=14.17"
+      }
+    },
+    "node_modules/undici-types": {
+      "version": "6.21.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-6.21.0.tgz",
+      "integrity": "sha512-iwDZqg0QAGrg9Rav5H4n0M64c3mkR59cJ6wQp+7C4nI0gsmExaedaYLNO44eT4AtBBwjbTiGPMlt2Md0T9H9JQ==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/update-browserslist-db": {
+      "version": "1.2.3",
+      "resolved": "https://registry.npmjs.org/update-browserslist-db/-/update-browserslist-db-1.2.3.tgz",
+      "integrity": "sha512-Js0m9cx+qOgDxo0eMiFGEueWztz+d4+M3rGlmKPT+T4IS/jP4ylw3Nwpu6cpTTP8R1MAC1kF4VbdLt3ARf209w==",
+      "dev": true,
+      "funding": [
+        {
+          "type": "opencollective",
+          "url": "https://opencollective.com/browserslist"
+        },
+        {
+          "type": "tidelift",
+          "url": "https://tidelift.com/funding/github/npm/browserslist"
+        },
+        {
+          "type": "github",
+          "url": "https://github.com/sponsors/ai"
+        }
+      ],
+      "license": "MIT",
+      "dependencies": {
+        "escalade": "^3.2.0",
+        "picocolors": "^1.1.1"
+      },
+      "bin": {
+        "update-browserslist-db": "cli.js"
+      },
+      "peerDependencies": {
+        "browserslist": ">= 4.21.0"
+      }
+    },
+    "node_modules/util-deprecate": {
+      "version": "1.0.2",
+      "resolved": "https://registry.npmjs.org/util-deprecate/-/util-deprecate-1.0.2.tgz",
+      "integrity": "sha512-EPD5q1uXyFxJpCrLnCc1nHnq3gOa6DZBocAIiI2TaSCA7VCJ1UJDMagCzIkXNsUYfD1daK//LTEQ8xiIbrHtcw==",
+      "dev": true,
+      "license": "MIT"
+    },
+    "node_modules/uuid": {
+      "version": "8.3.2",
+      "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz",
+      "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==",
+      "license": "MIT",
+      "bin": {
+        "uuid": "dist/bin/uuid"
+      }
+    },
+    "node_modules/ws": {
+      "version": "8.19.0",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.19.0.tgz",
+      "integrity": "sha512-blAT2mjOEIi0ZzruJfIhb3nps74PRWTCz1IjglWEEpQl5XS/UNama6u2/rjFkDDouqr4L67ry+1aGIALViWjDg==",
+      "license": "MIT",
+      "engines": {
+        "node": ">=10.0.0"
+      },
+      "peerDependencies": {
+        "bufferutil": "^4.0.1",
+        "utf-8-validate": ">=5.0.2"
+      },
+      "peerDependenciesMeta": {
+        "bufferutil": {
+          "optional": true
+        },
+        "utf-8-validate": {
+          "optional": true
+        }
+      }
+    },
+    "node_modules/yallist": {
+      "version": "4.0.0",
+      "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz",
+      "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==",
+      "license": "ISC"
+    },
+    "node_modules/zod": {
+      "version": "3.25.76",
+      "resolved": "https://registry.npmjs.org/zod/-/zod-3.25.76.tgz",
+      "integrity": "sha512-gzUt/qt81nXsFGKIFcC3YnfEAx5NkunCfnDlvuBSSFS02bcXu4Lmea0AFIUwbLWxWPx3d9p8S5QoaujKcNQxcQ==",
+      "license": "MIT",
+      "funding": {
+        "url": "https://github.com/sponsors/colinhacks"
+      }
+    }
+  }
+}
diff --git a/package.json b/package.json
new file mode 100644
index 0000000..67f04df
--- /dev/null
+++ b/package.json
@@ -0,0 +1,41 @@
+{
+  "name": "superbowl-squares",
+  "version": "1.0.0",
+  "private": true,
+  "scripts": {
+    "dev": "tsx server.ts",
+    "build": "next build",
+    "start": "node server.js",
+    "db:push": "prisma db push",
+    "db:seed": "tsx prisma/seed.ts",
+    "db:migrate": "prisma migrate deploy",
+    "db:generate": "prisma generate",
+    "postinstall": "prisma generate"
+  },
+  "dependencies": {
+    "@prisma/client": "^6.3.0",
+    "bcryptjs": "^2.4.3",
+    "emoji-mart": "^5.6.0",
+    "next": "^14.2.21",
+    "next-auth": "^4.24.11",
+    "nodemailer": "^7.0.7",
+    "react": "^18.3.1",
+    "react-dom": "^18.3.1",
+    "ws": "^8.18.0",
+    "zod": "^3.24.1"
+  },
+  "devDependencies": {
+    "@types/bcryptjs": "^2.4.6",
+    "@types/node": "^22.10.0",
+    "@types/nodemailer": "^6.4.17",
+    "@types/react": "^18.3.12",
+    "@types/react-dom": "^18.3.1",
+    "@types/ws": "^8.5.13",
+    "autoprefixer": "^10.4.20",
+    "postcss": "^8.4.49",
+    "prisma": "^6.3.0",
+    "tailwindcss": "^3.4.16",
+    "tsx": "^4.19.2",
+    "typescript": "^5.7.2"
+  }
+}
diff --git a/postcss.config.js b/postcss.config.js
new file mode 100644
index 0000000..a1b36d2
--- /dev/null
+++ b/postcss.config.js
@@ -0,0 +1,6 @@
+module.exports = {
+  plugins: {
+    tailwindcss: {},
+    autoprefixer: {},
+  },
+};
diff --git a/prisma/schema.prisma b/prisma/schema.prisma
new file mode 100644
index 0000000..565470d
--- /dev/null
+++ b/prisma/schema.prisma
@@ -0,0 +1,141 @@
+generator client {
+  provider = "prisma-client-js"
+}
+
+datasource db {
+  provider = "postgresql"
+  url      = env("DATABASE_URL")
+}
+
+enum Role {
+  ADMIN
+  VIEWER
+  PLAYER
+}
+
+enum PaymentType {
+  VENMO
+  PAYPAL
+  CASHAPP
+  ZELLE
+  CASH
+}
+
+model User {
+  id           String        @id @default(cuid())
+  email        String        @unique
+  name         String
+  passwordHash String
+  role         Role          @default(PLAYER)
+  createdAt    DateTime      @default(now())
+  updatedAt    DateTime      @updatedAt
+  squares      Square[]
+  chatMessages ChatMessage[]
+}
+
+model GameSettings {
+  id             String          @id @default("singleton")
+  title          String          @default("Super Bowl Squares")
+  commissioner   String          @default("")
+  eventName      String          @default("Super Bowl")
+  eventDate      String          @default("")
+  eventTime      String          @default("")
+  sbLogo         String          @default("/images/superbowlnumber.png")
+  nfcTeam        String          @default("NFC Team")
+  nfcLogo        String          @default("/images/nfc-generic.png")
+  afcTeam        String          @default("AFC Team")
+  afcLogo        String          @default("/images/afc-generic.png")
+  betAmount      Float           @default(10)
+  winFirstPct    Float           @default(20)
+  winSecondPct   Float           @default(20)
+  winThirdPct    Float           @default(20)
+  winFinalPct    Float           @default(30)
+  donationPct    Float           @default(10)
+  graceHours     Int             @default(48)
+  rulesText           String          @default("")
+  paymentInstructions String          @default("")
+  paymentMethods      PaymentMethod[]
+}
+
+model PaymentMethod {
+  id             String       @id @default(cuid())
+  gameSettingsId String       @default("singleton")
+  gameSettings   GameSettings @relation(fields: [gameSettingsId], references: [id], onDelete: Cascade)
+  type           PaymentType
+  value          String
+  enabled        Boolean      @default(true)
+}
+
+model Square {
+  id        String   @id @default(cuid())
+  position  String   @unique // "00" to "99"
+  userId    String?
+  user      User?    @relation(fields: [userId], references: [id], onDelete: SetNull)
+  guestName String?
+  guestEmail String?
+  notes     String?
+  confirmed Boolean  @default(false)
+  signupDate DateTime?
+  firstWin  Boolean  @default(false)
+  halfWin   Boolean  @default(false)
+  thirdWin  Boolean  @default(false)
+  finalWin     Boolean  @default(false)
+  reminderSent Boolean  @default(false)
+}
+
+model GridNumber {
+  id        String @id @default(cuid())
+  position  Int    @unique // 0-9 (column/row index)
+  nfcNumber Int    // 0-9
+  afcNumber Int    // 0-9
+}
+
+model Score {
+  id        String   @id @default("singleton")
+  nfcFirst  Int?
+  afcFirst  Int?
+  nfcHalf   Int?
+  afcHalf   Int?
+  nfcThird  Int?
+  afcThird  Int?
+  nfcFinal  Int?
+  afcFinal  Int?
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}
+
+model EmailSettings {
+  id        String  @id @default("singleton")
+  smtpHost  String  @default("")
+  smtpPort  Int     @default(587)
+  smtpUser  String  @default("")
+  smtpPass  String  @default("")
+  useSsl    Boolean @default(false)
+  fromEmail String  @default("")
+  fromName  String  @default("")
+}
+
+model EmailTemplate {
+  id        String   @id @default(cuid())
+  name      String   @unique
+  subject   String
+  body      String
+  createdAt DateTime @default(now())
+  updatedAt DateTime @updatedAt
+}
+
+model ChatMessage {
+  id        String   @id @default(cuid())
+  userId    String?
+  user      User?    @relation(fields: [userId], references: [id], onDelete: SetNull)
+  guestName String?
+  message   String
+  deleted   Boolean  @default(false)
+  createdAt DateTime @default(now())
+}
+
+model ChatBlacklist {
+  id        String   @id @default(cuid())
+  word      String   @unique
+  createdAt DateTime @default(now())
+}
diff --git a/prisma/seed.ts b/prisma/seed.ts
new file mode 100644
index 0000000..0d856bd
--- /dev/null
+++ b/prisma/seed.ts
@@ -0,0 +1,118 @@
+import { PrismaClient } from '@prisma/client';
+
+const prisma = new PrismaClient();
+
+async function main() {
+  // Seed 100 squares (positions "00" through "99")
+  const squares = [];
+  for (let row = 0; row < 10; row++) {
+    for (let col = 0; col < 10; col++) {
+      const position = `${row}${col}`;
+      squares.push({ position });
+    }
+  }
+
+  for (const square of squares) {
+    await prisma.square.upsert({
+      where: { position: square.position },
+      update: {},
+      create: square,
+    });
+  }
+
+  // Seed default game settings
+  await prisma.gameSettings.upsert({
+    where: { id: 'singleton' },
+    update: {},
+    create: {
+      id: 'singleton',
+      title: 'Super Bowl Squares',
+      commissioner: 'Commissioner',
+      eventName: 'Super Bowl',
+      betAmount: 10,
+      winFirstPct: 20,
+      winSecondPct: 20,
+      winThirdPct: 20,
+      winFinalPct: 30,
+      donationPct: 10,
+      graceHours: 48,
+    },
+  });
+
+  // Seed default score row
+  await prisma.score.upsert({
+    where: { id: 'singleton' },
+    update: {},
+    create: { id: 'singleton' },
+  });
+
+  // Seed default email settings
+  await prisma.emailSettings.upsert({
+    where: { id: 'singleton' },
+    update: {},
+    create: { id: 'singleton' },
+  });
+
+  // Seed default email templates
+  const templates = [
+    {
+      name: 'welcome',
+      subject: 'Welcome to {{eventName}}!',
+      body: 'Hi {{name}},\n\nWelcome to {{eventName}} Squares!\n\nYour account has been created successfully.\n\nUsername: {{email}}\n\nYou can log in and view the game board at:\n{{gameUrl}}/login\n\nThanks for joining!\n{{commissioner}}',
+    },
+    {
+      name: 'square_confirmation',
+      subject: 'Square Purchase Confirmation - {{eventName}}',
+      body: 'Hi {{name}},\n\nThank you for purchasing squares for {{eventName}}!\n\nSquare(s): {{squares}}\nAmount Due: ${{amountDue}}\n\nPlease submit payment within {{graceHours}} hours to keep your squares.\n\nPayment Instructions:\n{{paymentInstructions}}\n\nPayment Methods:\n{{paymentMethods}}\n\nView your squares at: {{gameUrl}}\n\nThanks,\n{{commissioner}}',
+    },
+    {
+      name: 'square_confirmed',
+      subject: 'Payment Confirmed - {{eventName}}',
+      body: 'Hi {{name}},\n\nGreat news! Your payment has been confirmed for {{eventName}}.\n\nSquare(s): {{squares}}\n\nYour squares are now locked in. View the game board at:\n{{gameUrl}}\n\nGood luck!\n{{commissioner}}',
+    },
+    {
+      name: 'square_released',
+      subject: 'Square Released - {{eventName}}',
+      body: 'Hi {{name}},\n\nYour square(s) for {{eventName}} have been released.\n\nSquare(s): {{squares}}\n\nIf you believe this is an error, please contact the commissioner.\n\nView the game board at: {{gameUrl}}\n\n{{commissioner}}',
+    },
+    {
+      name: 'payment_reminder',
+      subject: 'Payment Reminder - {{eventName}}',
+      body: 'Hi {{name}},\n\nThis is a friendly reminder that your payment for {{eventName}} is due soon!\n\nSquare(s): {{squares}}\nAmount Due: ${{amountDue}}\n\nYour grace period expires in approximately 2 hours. After that, your squares may be released.\n\nPayment Instructions:\n{{paymentInstructions}}\n\nPayment Methods:\n{{paymentMethods}}\n\nView your squares at: {{gameUrl}}\n\nThanks,\n{{commissioner}}',
+    },
+    {
+      name: 'winner_notification',
+      subject: 'Congratulations! You won {{quarter}} - {{eventName}}',
+      body: 'Hi {{name}},\n\nCongratulations! You are the winner of the {{quarter}} quarter!\n\nSquare: {{square}}\nScore: {{nfcTeam}} {{nfcScore}} - {{afcTeam}} {{afcScore}}\nPrize: ${{prize}}\n\nThanks,\n{{commissioner}}',
+    },
+    {
+      name: 'numbers_assigned',
+      subject: 'Numbers Have Been Assigned - {{eventName}}',
+      body: 'Hi {{name}},\n\nThe random numbers have been assigned for {{eventName}}!\n\nVisit the game board to see your numbers and check your squares:\n{{gameUrl}}\n\nGood luck!\n{{commissioner}}',
+    },
+    {
+      name: 'game_results',
+      subject: 'Final Results - {{eventName}}',
+      body: 'Hi {{name}},\n\nThe game is over! Here are the final results for {{eventName}}:\n\nWinners:\n{{winners}}\n\nCongratulations to all the winners!\n\nThank you for participating in this year\'s Super Bowl Squares. We hope you had a great time!\n\nView the final board at: {{gameUrl}}\n\n{{commissioner}}',
+    },
+  ];
+
+  for (const template of templates) {
+    await prisma.emailTemplate.upsert({
+      where: { name: template.name },
+      update: {},
+      create: template,
+    });
+  }
+
+  console.log('Seed completed successfully');
+}
+
+main()
+  .catch((e) => {
+    console.error(e);
+    process.exit(1);
+  })
+  .finally(async () => {
+    await prisma.$disconnect();
+  });
diff --git a/public/favicon.ico b/public/favicon.ico
new file mode 100644
index 0000000..4cbfe13
Binary files /dev/null and b/public/favicon.ico differ
diff --git a/public/images/AFC_logo_1738803834.png b/public/images/AFC_logo_1738803834.png
new file mode 100644
index 0000000..806942a
Binary files /dev/null and b/public/images/AFC_logo_1738803834.png differ
diff --git a/public/images/FootballField_Low.jpg b/public/images/FootballField_Low.jpg
new file mode 100644
index 0000000..47af4b6
Binary files /dev/null and b/public/images/FootballField_Low.jpg differ
diff --git a/public/images/NFC_logo_1738803826.png b/public/images/NFC_logo_1738803826.png
new file mode 100644
index 0000000..259a9b6
Binary files /dev/null and b/public/images/NFC_logo_1738803826.png differ
diff --git a/public/images/NFL-logo.gif b/public/images/NFL-logo.gif
new file mode 100644
index 0000000..bd3a7ff
Binary files /dev/null and b/public/images/NFL-logo.gif differ
diff --git a/public/images/afc-bengals.png b/public/images/afc-bengals.png
new file mode 100644
index 0000000..19c1379
Binary files /dev/null and b/public/images/afc-bengals.png differ
diff --git a/public/images/afc-bills.png b/public/images/afc-bills.png
new file mode 100644
index 0000000..890df0f
Binary files /dev/null and b/public/images/afc-bills.png differ
diff --git a/public/images/afc-broncos.png b/public/images/afc-broncos.png
new file mode 100644
index 0000000..2cb26fb
Binary files /dev/null and b/public/images/afc-broncos.png differ
diff --git a/public/images/afc-browns.png b/public/images/afc-browns.png
new file mode 100644
index 0000000..17a7ebf
Binary files /dev/null and b/public/images/afc-browns.png differ
diff --git a/public/images/afc-chargers.png b/public/images/afc-chargers.png
new file mode 100644
index 0000000..de6e251
Binary files /dev/null and b/public/images/afc-chargers.png differ
diff --git a/public/images/afc-chiefs.png b/public/images/afc-chiefs.png
new file mode 100644
index 0000000..96ee391
Binary files /dev/null and b/public/images/afc-chiefs.png differ
diff --git a/public/images/afc-colts.png b/public/images/afc-colts.png
new file mode 100644
index 0000000..5a93320
Binary files /dev/null and b/public/images/afc-colts.png differ
diff --git a/public/images/afc-dolphins.png b/public/images/afc-dolphins.png
new file mode 100644
index 0000000..74bf1b7
Binary files /dev/null and b/public/images/afc-dolphins.png differ
diff --git a/public/images/afc-generic.png b/public/images/afc-generic.png
new file mode 100644
index 0000000..42ab6ab
Binary files /dev/null and b/public/images/afc-generic.png differ
diff --git a/public/images/afc-jaguars.png b/public/images/afc-jaguars.png
new file mode 100644
index 0000000..6df917a
Binary files /dev/null and b/public/images/afc-jaguars.png differ
diff --git a/public/images/afc-jets.png b/public/images/afc-jets.png
new file mode 100644
index 0000000..186681b
Binary files /dev/null and b/public/images/afc-jets.png differ
diff --git a/public/images/afc-logo.png b/public/images/afc-logo.png
new file mode 100644
index 0000000..4acaa4e
Binary files /dev/null and b/public/images/afc-logo.png differ
diff --git a/public/images/afc-patriots.png b/public/images/afc-patriots.png
new file mode 100644
index 0000000..56d623e
Binary files /dev/null and b/public/images/afc-patriots.png differ
diff --git a/public/images/afc-raiders.png b/public/images/afc-raiders.png
new file mode 100644
index 0000000..0267bb9
Binary files /dev/null and b/public/images/afc-raiders.png differ
diff --git a/public/images/afc-ravens.png b/public/images/afc-ravens.png
new file mode 100644
index 0000000..fe71311
Binary files /dev/null and b/public/images/afc-ravens.png differ
diff --git a/public/images/afc-steelers.png b/public/images/afc-steelers.png
new file mode 100644
index 0000000..d91556b
Binary files /dev/null and b/public/images/afc-steelers.png differ
diff --git a/public/images/afc-texans.png b/public/images/afc-texans.png
new file mode 100644
index 0000000..cfb2828
Binary files /dev/null and b/public/images/afc-texans.png differ
diff --git a/public/images/afc-titans.png b/public/images/afc-titans.png
new file mode 100644
index 0000000..ea385ed
Binary files /dev/null and b/public/images/afc-titans.png differ
diff --git a/public/images/afcteam.png b/public/images/afcteam.png
new file mode 100644
index 0000000..3452e88
Binary files /dev/null and b/public/images/afcteam.png differ
diff --git a/public/images/background.jpg b/public/images/background.jpg
new file mode 100644
index 0000000..7985505
Binary files /dev/null and b/public/images/background.jpg differ
diff --git a/public/images/nfc-bears.png b/public/images/nfc-bears.png
new file mode 100644
index 0000000..5a8477d
Binary files /dev/null and b/public/images/nfc-bears.png differ
diff --git a/public/images/nfc-buccaneers.png b/public/images/nfc-buccaneers.png
new file mode 100644
index 0000000..e958136
Binary files /dev/null and b/public/images/nfc-buccaneers.png differ
diff --git a/public/images/nfc-cardinals.png b/public/images/nfc-cardinals.png
new file mode 100644
index 0000000..8c7b9f6
Binary files /dev/null and b/public/images/nfc-cardinals.png differ
diff --git a/public/images/nfc-commanders.png b/public/images/nfc-commanders.png
new file mode 100644
index 0000000..331ddcb
Binary files /dev/null and b/public/images/nfc-commanders.png differ
diff --git a/public/images/nfc-cowboys.png b/public/images/nfc-cowboys.png
new file mode 100644
index 0000000..a7ac941
Binary files /dev/null and b/public/images/nfc-cowboys.png differ
diff --git a/public/images/nfc-eagles.png b/public/images/nfc-eagles.png
new file mode 100644
index 0000000..d648b38
Binary files /dev/null and b/public/images/nfc-eagles.png differ
diff --git a/public/images/nfc-falcons.png b/public/images/nfc-falcons.png
new file mode 100644
index 0000000..0cb45fe
Binary files /dev/null and b/public/images/nfc-falcons.png differ
diff --git a/public/images/nfc-generic.png b/public/images/nfc-generic.png
new file mode 100644
index 0000000..9c308e0
Binary files /dev/null and b/public/images/nfc-generic.png differ
diff --git a/public/images/nfc-giants.png b/public/images/nfc-giants.png
new file mode 100644
index 0000000..2be66f3
Binary files /dev/null and b/public/images/nfc-giants.png differ
diff --git a/public/images/nfc-lions.png b/public/images/nfc-lions.png
new file mode 100644
index 0000000..8cb40f1
Binary files /dev/null and b/public/images/nfc-lions.png differ
diff --git a/public/images/nfc-logo.png b/public/images/nfc-logo.png
new file mode 100644
index 0000000..b15ab40
Binary files /dev/null and b/public/images/nfc-logo.png differ
diff --git a/public/images/nfc-packers.png b/public/images/nfc-packers.png
new file mode 100644
index 0000000..3ba4e6f
Binary files /dev/null and b/public/images/nfc-packers.png differ
diff --git a/public/images/nfc-panthers.png b/public/images/nfc-panthers.png
new file mode 100644
index 0000000..f0c9b17
Binary files /dev/null and b/public/images/nfc-panthers.png differ
diff --git a/public/images/nfc-rams.png b/public/images/nfc-rams.png
new file mode 100644
index 0000000..8c4c47c
Binary files /dev/null and b/public/images/nfc-rams.png differ
diff --git a/public/images/nfc-saints.png b/public/images/nfc-saints.png
new file mode 100644
index 0000000..bf9d125
Binary files /dev/null and b/public/images/nfc-saints.png differ
diff --git a/public/images/nfc-seahawks.png b/public/images/nfc-seahawks.png
new file mode 100644
index 0000000..cbb1a2c
Binary files /dev/null and b/public/images/nfc-seahawks.png differ
diff --git a/public/images/nfc-team.png b/public/images/nfc-team.png
new file mode 100644
index 0000000..ab61e14
Binary files /dev/null and b/public/images/nfc-team.png differ
diff --git a/public/images/nfc-vikings.png b/public/images/nfc-vikings.png
new file mode 100644
index 0000000..dd3c656
Binary files /dev/null and b/public/images/nfc-vikings.png differ
diff --git a/public/images/nfcteam.png b/public/images/nfcteam.png
new file mode 100644
index 0000000..0b61347
Binary files /dev/null and b/public/images/nfcteam.png differ
diff --git a/public/images/nfl-logo.png b/public/images/nfl-logo.png
new file mode 100644
index 0000000..08dab84
Binary files /dev/null and b/public/images/nfl-logo.png differ
diff --git a/public/images/superbowlnumber.png b/public/images/superbowlnumber.png
new file mode 100644
index 0000000..3e14b3f
Binary files /dev/null and b/public/images/superbowlnumber.png differ
diff --git a/public/images/superbowlnumber_LVIII.png b/public/images/superbowlnumber_LVIII.png
new file mode 100644
index 0000000..100888c
Binary files /dev/null and b/public/images/superbowlnumber_LVIII.png differ
diff --git a/server.js b/server.js
new file mode 100644
index 0000000..a4940ab
--- /dev/null
+++ b/server.js
@@ -0,0 +1,402 @@
+const path = require('path');
+const { createServer } = require('http');
+const { parse } = require('url');
+const { WebSocketServer } = require('ws');
+
+const dev = process.env.NODE_ENV !== 'production';
+const hostname = process.env.HOSTNAME || '0.0.0.0';
+const port = parseInt(process.env.PORT || '3000', 10);
+
+// WebSocket server for chat + real-time updates
+const wss = new WebSocketServer({ noServer: true });
+const clients = new Set();
+
+function setupWebSocket() {
+  wss.on('connection', async (ws) => {
+    clients.add(ws);
+
+    // Send chat history
+    try {
+      const { PrismaClient } = require('@prisma/client');
+      const prisma = new PrismaClient();
+
+      const messages = await prisma.chatMessage.findMany({
+        where: { deleted: false },
+        orderBy: { createdAt: 'asc' },
+        take: 100,
+        include: { user: { select: { name: true } } },
+      });
+
+      ws.send(JSON.stringify({
+        type: 'chat:history',
+        messages: messages.map((m) => {
+          const fullName = m.user?.name || m.guestName || 'Anonymous';
+          const firstName = fullName.split(' ')[0];
+          return {
+            id: m.id,
+            userName: firstName,
+            message: m.message,
+            createdAt: m.createdAt.toISOString(),
+          };
+        }),
+      }));
+
+      await prisma.$disconnect();
+    } catch (err) {
+      console.error('Failed to load chat history:', err);
+    }
+
+    ws.on('message', async (data) => {
+      try {
+        const parsed = JSON.parse(data.toString());
+        const { PrismaClient } = require('@prisma/client');
+        const prisma = new PrismaClient();
+
+        if (parsed.type === 'chat:message' && parsed.message) {
+          // Filter blacklisted words
+          const blacklist = await prisma.chatBlacklist.findMany();
+          let filtered = parsed.message;
+          for (const { word } of blacklist) {
+            const regex = new RegExp(word.replace(/[.*+?^${}()|[\]\\]/g, '\\$&'), 'gi');
+            filtered = filtered.replace(regex, '***');
+          }
+
+          // Determine user from userId
+          let userName = 'Anonymous';
+          let userId = parsed.userId || null;
+
+          if (userId) {
+            try {
+              const user = await prisma.user.findUnique({
+                where: { id: userId },
+                select: { name: true },
+              });
+              if (user) {
+                userName = user.name.split(' ')[0];
+              } else {
+                userId = null;
+              }
+            } catch {
+              userId = null;
+            }
+          }
+
+          const msg = await prisma.chatMessage.create({
+            data: {
+              message: filtered.slice(0, 500),
+              userId,
+              guestName: userId ? null : userName,
+            },
+          });
+
+          const broadcast = JSON.stringify({
+            type: 'chat:message',
+            message: {
+              id: msg.id,
+              userName,
+              message: msg.message,
+              createdAt: msg.createdAt.toISOString(),
+            },
+          });
+
+          for (const client of clients) {
+            if (client.readyState === 1) {
+              client.send(broadcast);
+            }
+          }
+        } else if (parsed.type === 'squares:changed') {
+          // Broadcast squares refresh notification to all clients
+          const broadcast = JSON.stringify({ type: 'squares:refresh' });
+          for (const client of clients) {
+            if (client.readyState === 1) {
+              client.send(broadcast);
+            }
+          }
+          await prisma.$disconnect();
+          return;
+        } else if (parsed.type === 'chat:delete' && parsed.messageId) {
+          if (parsed.userId) {
+            try {
+              const user = await prisma.user.findUnique({
+                where: { id: parsed.userId },
+                select: { role: true },
+              });
+              if (user && (user.role === 'ADMIN' || user.role === 'VIEWER')) {
+                await prisma.chatMessage.update({
+                  where: { id: parsed.messageId },
+                  data: { deleted: true },
+                });
+
+                const broadcast = JSON.stringify({
+                  type: 'chat:delete',
+                  messageId: parsed.messageId,
+                });
+
+                for (const client of clients) {
+                  if (client.readyState === 1) {
+                    client.send(broadcast);
+                  }
+                }
+              }
+            } catch {
+              // ignore
+            }
+          }
+        }
+
+        await prisma.$disconnect();
+      } catch (err) {
+        console.error('WebSocket message error:', err);
+      }
+    });
+
+    ws.on('close', () => {
+      clients.delete(ws);
+    });
+  });
+}
+
+// Payment reminder scheduler - check every 15 minutes
+function startPaymentReminders() {
+  setInterval(async () => {
+    try {
+      const { PrismaClient } = require('@prisma/client');
+      const prisma = new PrismaClient();
+      const nodemailer = require('nodemailer');
+
+      const settings = await prisma.gameSettings.findUnique({
+        where: { id: 'singleton' },
+        include: { paymentMethods: true },
+      });
+
+      if (!settings || !settings.graceHours) {
+        await prisma.$disconnect();
+        return;
+      }
+
+      const template = await prisma.emailTemplate.findUnique({
+        where: { name: 'payment_reminder' },
+      });
+
+      if (!template) {
+        await prisma.$disconnect();
+        return;
+      }
+
+      const emailSettings = await prisma.emailSettings.findUnique({
+        where: { id: 'singleton' },
+      });
+
+      if (!emailSettings || !emailSettings.smtpHost) {
+        await prisma.$disconnect();
+        return;
+      }
+
+      const transporter = nodemailer.createTransport({
+        host: emailSettings.smtpHost,
+        port: emailSettings.smtpPort,
+        secure: emailSettings.smtpPort === 465,
+        auth: { user: emailSettings.smtpUser, pass: emailSettings.smtpPass },
+      });
+
+      const gameUrl = process.env.NEXTAUTH_URL || 'http://localhost:3000';
+      const enabledPayments = settings.paymentMethods?.filter((pm) => pm.enabled) || [];
+      const paymentMethodsText = enabledPayments.length > 0
+        ? enabledPayments.map((pm) => `${pm.type}: ${pm.value}`).join('\n')
+        : 'Contact the commissioner for payment details.';
+
+      const now = new Date();
+      const unconfirmed = await prisma.square.findMany({
+        where: {
+          confirmed: false,
+          reminderSent: false,
+          signupDate: { not: null },
+          OR: [
+            { userId: { not: null } },
+            { guestEmail: { not: null } },
+          ],
+        },
+        include: { user: { select: { name: true, email: true } } },
+      });
+
+      for (const sq of unconfirmed) {
+        if (!sq.signupDate) continue;
+
+        const deadline = new Date(sq.signupDate.getTime() + settings.graceHours * 60 * 60 * 1000);
+        const reminderTime = new Date(deadline.getTime() - 2 * 60 * 60 * 1000);
+
+        if (now >= reminderTime && now < deadline) {
+          const email = sq.user?.email || sq.guestEmail;
+          const name = sq.user?.name || sq.guestName;
+          if (!email || !name) continue;
+
+          const variables = {
+            name,
+            email,
+            squares: sq.position,
+            amountDue: settings.betAmount.toFixed(2),
+            commissioner: settings.commissioner || '',
+            eventName: settings.eventName || '',
+            gameUrl,
+            graceHours: String(settings.graceHours),
+            paymentInstructions: settings.paymentInstructions || '',
+            paymentMethods: paymentMethodsText,
+          };
+
+          let subject = template.subject;
+          let body = template.body;
+          for (const [key, val] of Object.entries(variables)) {
+            const regex = new RegExp(`\\{\\{${key}\\}\\}`, 'g');
+            subject = subject.replace(regex, val);
+            body = body.replace(regex, val);
+          }
+
+          try {
+            await transporter.sendMail({
+              from: `"${emailSettings.fromName || 'Super Bowl Squares'}" <${emailSettings.fromEmail || 'noreply@localhost'}>`,
+              to: email,
+              subject,
+              text: body,
+            });
+            await prisma.square.update({
+              where: { id: sq.id },
+              data: { reminderSent: true },
+            });
+            console.log(`[Reminder] Payment reminder sent to ${email} for square ${sq.position}`);
+          } catch (err) {
+            console.error(`[Reminder] Failed to send to ${email}:`, err.message || err);
+          }
+        }
+      }
+
+      await prisma.$disconnect();
+    } catch (err) {
+      console.error('[Reminder] Scheduler error:', err.message || err);
+    }
+  }, 15 * 60 * 1000);
+}
+
+// --- Boot ---
+
+if (dev) {
+  // Development mode: use standard next() API
+  const next = require('next');
+  const app = next({ dev, hostname, port });
+  const handle = app.getRequestHandler();
+
+  app.prepare().then(() => {
+    const server = createServer(async (req, res) => {
+      try {
+        const parsedUrl = parse(req.url, true);
+        await handle(req, res, parsedUrl);
+      } catch (err) {
+        console.error('Error occurred handling', req.url, err);
+        res.statusCode = 500;
+        res.end('internal server error');
+      }
+    });
+
+    server.on('upgrade', (req, socket, head) => {
+      const { pathname } = parse(req.url, true);
+      if (pathname === '/ws/chat') {
+        wss.handleUpgrade(req, socket, head, (ws) => {
+          wss.emit('connection', ws, req);
+        });
+      } else {
+        socket.destroy();
+      }
+    });
+
+    setupWebSocket();
+    startPaymentReminders();
+
+    server.listen(port, hostname, () => {
+      console.log(`> Ready on http://${hostname}:${port}`);
+    });
+  });
+} else {
+  // Production standalone mode: use startServer but monkey-patch http.createServer
+  // to capture the server instance for WebSocket upgrade handling
+  const dir = path.join(__dirname);
+  process.chdir(__dirname);
+
+  // Read the standalone config: either from env (if already set) or from the
+  // saved original standalone server.js which contains the embedded nextConfig
+  if (!process.env.__NEXT_PRIVATE_STANDALONE_CONFIG) {
+    try {
+      const fs = require('fs');
+      const standaloneCode = fs.readFileSync(path.join(__dirname, 'server.standalone.js'), 'utf8');
+      const match = standaloneCode.match(/const nextConfig = (\{[\s\S]*?\})\n\nprocess\.env\.__NEXT_PRIVATE_STANDALONE_CONFIG/);
+      if (match) {
+        process.env.__NEXT_PRIVATE_STANDALONE_CONFIG = match[1];
+      }
+    } catch (err) {
+      console.warn('Could not read standalone config:', err.message);
+    }
+  }
+  const nextConfig = process.env.__NEXT_PRIVATE_STANDALONE_CONFIG
+    ? JSON.parse(process.env.__NEXT_PRIVATE_STANDALONE_CONFIG)
+    : undefined;
+
+  // Monkey-patch http.createServer to intercept the server Next.js creates
+  const http = require('http');
+  const originalCreateServer = http.createServer.bind(http);
+
+  http.createServer = function patchedCreateServer(...args) {
+    const server = originalCreateServer(...args);
+
+    // Prepend our upgrade listener BEFORE Next.js adds its own
+    const originalOn = server.on.bind(server);
+    server.on = function patchedOn(event, listener) {
+      if (event === 'upgrade') {
+        // Wrap Next.js upgrade handler to intercept /ws/chat
+        originalOn('upgrade', (req, socket, head) => {
+          const { pathname } = parse(req.url, true);
+          if (pathname === '/ws/chat') {
+            wss.handleUpgrade(req, socket, head, (ws) => {
+              wss.emit('connection', ws, req);
+            });
+          } else {
+            listener(req, socket, head);
+          }
+        });
+        // Restore original .on so future calls work normally
+        server.on = originalOn;
+        return server;
+      }
+      return originalOn(event, listener);
+    };
+
+    // Restore http.createServer
+    http.createServer = originalCreateServer;
+
+    return server;
+  };
+
+  setupWebSocket();
+  startPaymentReminders();
+
+  // Now let Next.js startServer do its thing - it will use our patched createServer
+  require('next');
+  const { startServer } = require('next/dist/server/lib/start-server');
+
+  let keepAliveTimeout = parseInt(process.env.KEEP_ALIVE_TIMEOUT, 10);
+  if (Number.isNaN(keepAliveTimeout) || !Number.isFinite(keepAliveTimeout) || keepAliveTimeout < 0) {
+    keepAliveTimeout = undefined;
+  }
+
+  startServer({
+    dir,
+    isDev: false,
+    config: nextConfig,
+    hostname,
+    port,
+    allowRetry: false,
+    keepAliveTimeout,
+  }).then(() => {
+    console.log(`> WebSocket server ready on ws://${hostname}:${port}/ws/chat`);
+  }).catch((err) => {
+    console.error(err);
+    process.exit(1);
+  });
+}
diff --git a/server.ts b/server.ts
new file mode 100644
index 0000000..1b03d40
--- /dev/null
+++ b/server.ts
@@ -0,0 +1,2 @@
+// Dev server - just runs the JS server with tsx
+require('./server.js');
diff --git a/src/app/admin/backup/page.tsx b/src/app/admin/backup/page.tsx
new file mode 100644
index 0000000..74cc4c8
--- /dev/null
+++ b/src/app/admin/backup/page.tsx
@@ -0,0 +1,147 @@
+'use client';
+
+import { useState, useRef } from 'react';
+import { Button } from '@/components/ui/Button';
+
+export default function BackupPage() {
+  const [loading, setLoading] = useState(false);
+  const [message, setMessage] = useState('');
+  const fileInputRef = useRef<HTMLInputElement>(null);
+
+  const handleExport = async (type: 'config' | 'full') => {
+    setLoading(true);
+    setMessage('');
+
+    try {
+      const res = await fetch(`/api/backup?type=${type}`);
+      if (!res.ok) throw new Error('Export failed');
+
+      const data = await res.json();
+      const blob = new Blob([JSON.stringify(data, null, 2)], { type: 'application/json' });
+      const url = URL.createObjectURL(blob);
+      const a = document.createElement('a');
+      a.href = url;
+      a.download = `superbowl-${type}-backup-${new Date().toISOString().split('T')[0]}.json`;
+      a.click();
+      URL.revokeObjectURL(url);
+
+      setMessage(`${type === 'config' ? 'Config' : 'Full'} backup exported!`);
+    } catch {
+      setMessage('Export failed');
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  const handleImport = async (e: React.ChangeEvent<HTMLInputElement>) => {
+    const file = e.target.files?.[0];
+    if (!file) return;
+
+    if (!confirm('This will overwrite existing data. Are you sure you want to restore from this backup?')) {
+      if (fileInputRef.current) fileInputRef.current.value = '';
+      return;
+    }
+
+    setLoading(true);
+    setMessage('');
+
+    try {
+      const text = await file.text();
+      const data = JSON.parse(text);
+
+      const res = await fetch('/api/backup', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify(data),
+      });
+
+      if (!res.ok) {
+        const result = await res.json();
+        throw new Error(result.error || 'Import failed');
+      }
+
+      setMessage('Backup restored successfully!');
+    } catch (err: any) {
+      setMessage(err.message);
+    } finally {
+      setLoading(false);
+      if (fileInputRef.current) fileInputRef.current.value = '';
+    }
+  };
+
+  return (
+    <div>
+      <h1 className="text-2xl font-bold mb-6">Backup & Restore</h1>
+
+      {message && (
+        <div className={`mb-6 px-4 py-2 rounded-lg text-sm ${
+          message.includes('success') || message.includes('exported') || message.includes('restored')
+            ? 'bg-green-900/50 text-green-300'
+            : 'bg-red-900/50 text-red-300'
+        }`}>
+          {message}
+        </div>
+      )}
+
+      <div className="grid grid-cols-1 md:grid-cols-2 gap-6">
+        {/* Export */}
+        <div className="card space-y-4">
+          <h2 className="font-semibold text-lg">Export Backup</h2>
+
+          <div className="space-y-3">
+            <div className="bg-gray-800 rounded-lg p-4">
+              <h3 className="font-medium mb-1">Config Only</h3>
+              <p className="text-sm text-gray-400 mb-3">
+                Exports game settings, payment methods, email settings, and email templates.
+              </p>
+              <Button
+                variant="secondary"
+                onClick={() => handleExport('config')}
+                loading={loading}
+              >
+                Export Config
+              </Button>
+            </div>
+
+            <div className="bg-gray-800 rounded-lg p-4">
+              <h3 className="font-medium mb-1">Full Backup</h3>
+              <p className="text-sm text-gray-400 mb-3">
+                Exports everything: settings, squares, grid numbers, scores, chat messages, and users (passwords excluded).
+              </p>
+              <Button
+                onClick={() => handleExport('full')}
+                loading={loading}
+              >
+                Export Full Backup
+              </Button>
+            </div>
+          </div>
+        </div>
+
+        {/* Import */}
+        <div className="card space-y-4">
+          <h2 className="font-semibold text-lg">Restore Backup</h2>
+          <p className="text-sm text-gray-400">
+            Upload a backup JSON file to restore. This will overwrite existing data.
+          </p>
+          <div className="bg-gray-800 rounded-lg p-4">
+            <input
+              ref={fileInputRef}
+              type="file"
+              accept=".json"
+              onChange={handleImport}
+              className="text-sm text-gray-400 file:mr-4 file:py-2 file:px-4 file:rounded-lg file:border-0 file:text-sm file:font-medium file:bg-primary-600 file:text-white hover:file:bg-primary-700"
+            />
+          </div>
+          <div className="text-xs text-gray-500 space-y-1">
+            <p>Supported backup types:</p>
+            <ul className="list-disc list-inside">
+              <li>Config-only backups (settings, templates)</li>
+              <li>Full backups (all game data)</li>
+            </ul>
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/admin/balance/page.tsx b/src/app/admin/balance/page.tsx
new file mode 100644
index 0000000..421a09e
--- /dev/null
+++ b/src/app/admin/balance/page.tsx
@@ -0,0 +1,132 @@
+import { prisma } from '@/lib/prisma';
+
+export const dynamic = 'force-dynamic';
+
+export default async function BalancePage() {
+  const [squares, settings] = await Promise.all([
+    prisma.square.findMany({
+      include: { user: { select: { name: true, email: true } } },
+    }),
+    prisma.gameSettings.findUnique({ where: { id: 'singleton' } }),
+  ]);
+
+  const betAmount = settings?.betAmount || 10;
+
+  // Group squares by player
+  const playerMap = new Map<string, {
+    name: string;
+    email: string;
+    squareCount: number;
+    confirmed: number;
+    pending: number;
+    wins: number;
+  }>();
+
+  for (const sq of squares) {
+    const name = sq.user?.name || sq.guestName;
+    if (!name) continue;
+
+    const email = sq.user?.email || sq.guestEmail || '';
+    const key = `${name}|${email}`;
+
+    if (!playerMap.has(key)) {
+      playerMap.set(key, { name, email, squareCount: 0, confirmed: 0, pending: 0, wins: 0 });
+    }
+
+    const player = playerMap.get(key)!;
+    player.squareCount++;
+    if (sq.confirmed) player.confirmed++;
+    else player.pending++;
+
+    if (sq.firstWin || sq.halfWin || sq.thirdWin || sq.finalWin) {
+      player.wins++;
+    }
+  }
+
+  const players = Array.from(playerMap.values()).sort(
+    (a, b) => b.squareCount - a.squareCount
+  );
+
+  const totalPot = squares.filter((s) => s.userId || s.guestName).length * betAmount;
+
+  return (
+    <div>
+      <h1 className="text-2xl font-bold mb-6">Balance Sheet</h1>
+
+      <div className="grid grid-cols-1 md:grid-cols-3 gap-4 mb-6">
+        <div className="card">
+          <p className="text-sm text-gray-400">Total Pot</p>
+          <p className="text-2xl font-bold text-green-400">${totalPot.toFixed(2)}</p>
+        </div>
+        <div className="card">
+          <p className="text-sm text-gray-400">Players</p>
+          <p className="text-2xl font-bold">{players.length}</p>
+        </div>
+        <div className="card">
+          <p className="text-sm text-gray-400">Bet Amount</p>
+          <p className="text-2xl font-bold">${betAmount.toFixed(2)}/sq</p>
+        </div>
+      </div>
+
+      <div className="overflow-x-auto">
+        <table className="w-full text-sm">
+          <thead>
+            <tr className="text-left text-gray-400 border-b border-gray-800">
+              <th className="pb-2 pr-4">Player</th>
+              <th className="pb-2 pr-4">Email</th>
+              <th className="pb-2 pr-4 text-center">Squares</th>
+              <th className="pb-2 pr-4 text-center">Confirmed</th>
+              <th className="pb-2 pr-4 text-center">Pending</th>
+              <th className="pb-2 pr-4 text-right">Amount Due</th>
+              <th className="pb-2 pr-4 text-right">Confirmed Paid</th>
+              <th className="pb-2 text-center">Wins</th>
+            </tr>
+          </thead>
+          <tbody>
+            {players.map((player, idx) => {
+              const totalDue = player.squareCount * betAmount;
+              const confirmedPaid = player.confirmed * betAmount;
+
+              return (
+                <tr key={idx} className="border-b border-gray-800/50 hover:bg-gray-900/50">
+                  <td className="py-2 pr-4 font-medium">{player.name}</td>
+                  <td className="py-2 pr-4 text-gray-400">{player.email}</td>
+                  <td className="py-2 pr-4 text-center">{player.squareCount}</td>
+                  <td className="py-2 pr-4 text-center text-green-400">{player.confirmed}</td>
+                  <td className="py-2 pr-4 text-center text-yellow-400">{player.pending}</td>
+                  <td className="py-2 pr-4 text-right">${totalDue.toFixed(2)}</td>
+                  <td className="py-2 pr-4 text-right text-green-400">${confirmedPaid.toFixed(2)}</td>
+                  <td className="py-2 text-center">
+                    {player.wins > 0 && (
+                      <span className="text-yellow-400 font-bold">{player.wins}</span>
+                    )}
+                  </td>
+                </tr>
+              );
+            })}
+          </tbody>
+          <tfoot>
+            <tr className="border-t border-gray-700 font-bold">
+              <td className="pt-2 pr-4">Totals</td>
+              <td></td>
+              <td className="pt-2 pr-4 text-center">
+                {players.reduce((s, p) => s + p.squareCount, 0)}
+              </td>
+              <td className="pt-2 pr-4 text-center text-green-400">
+                {players.reduce((s, p) => s + p.confirmed, 0)}
+              </td>
+              <td className="pt-2 pr-4 text-center text-yellow-400">
+                {players.reduce((s, p) => s + p.pending, 0)}
+              </td>
+              <td className="pt-2 pr-4 text-right">${totalPot.toFixed(2)}</td>
+              <td className="pt-2 pr-4 text-right text-green-400">
+                ${(players.reduce((s, p) => s + p.confirmed, 0) * betAmount).toFixed(2)}
+              </td>
+              <td></td>
+            </tr>
+          </tfoot>
+        </table>
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/admin/chat/page.tsx b/src/app/admin/chat/page.tsx
new file mode 100644
index 0000000..75b92be
--- /dev/null
+++ b/src/app/admin/chat/page.tsx
@@ -0,0 +1,188 @@
+'use client';
+
+import { useState, useEffect } from 'react';
+import { Button } from '@/components/ui/Button';
+import { Input } from '@/components/ui/Input';
+
+interface ChatMessage {
+  id: string;
+  message: string;
+  guestName: string | null;
+  deleted: boolean;
+  createdAt: string;
+  user: { name: string } | null;
+}
+
+interface BlacklistWord {
+  id: string;
+  word: string;
+}
+
+export default function ChatModerationPage() {
+  const [tab, setTab] = useState<'messages' | 'blacklist'>('messages');
+
+  return (
+    <div>
+      <h1 className="text-2xl font-bold mb-6">Chat Moderation</h1>
+
+      <div className="flex gap-2 mb-6">
+        <button
+          onClick={() => setTab('messages')}
+          className={`px-4 py-2 rounded-lg text-sm ${
+            tab === 'messages' ? 'bg-primary-600 text-white' : 'bg-gray-800 text-gray-400'
+          }`}
+        >
+          Messages
+        </button>
+        <button
+          onClick={() => setTab('blacklist')}
+          className={`px-4 py-2 rounded-lg text-sm ${
+            tab === 'blacklist' ? 'bg-primary-600 text-white' : 'bg-gray-800 text-gray-400'
+          }`}
+        >
+          Blacklist
+        </button>
+      </div>
+
+      {tab === 'messages' && <MessagesTab />}
+      {tab === 'blacklist' && <BlacklistTab />}
+    </div>
+  );
+}
+
+function MessagesTab() {
+  const [messages, setMessages] = useState<ChatMessage[]>([]);
+  const [loading, setLoading] = useState(true);
+
+  const fetchMessages = () => {
+    fetch('/api/chat')
+      .then((r) => r.json())
+      .then((data) => setMessages(data.messages || []))
+      .finally(() => setLoading(false));
+  };
+
+  useEffect(() => {
+    fetchMessages();
+  }, []);
+
+  const handleDelete = async (id: string) => {
+    await fetch('/api/chat', {
+      method: 'DELETE',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ messageId: id }),
+    });
+    fetchMessages();
+  };
+
+  if (loading) return <p className="text-gray-400">Loading...</p>;
+
+  return (
+    <div className="card">
+      <div className="space-y-2 max-h-[600px] overflow-y-auto">
+        {messages.length === 0 && (
+          <p className="text-gray-500 text-sm">No messages yet</p>
+        )}
+        {messages.map((msg) => (
+          <div
+            key={msg.id}
+            className={`flex items-start gap-2 text-sm p-2 rounded ${
+              msg.deleted ? 'opacity-40' : ''
+            }`}
+          >
+            <div className="flex-1">
+              <span className="font-medium text-primary-400">
+                {msg.user?.name || msg.guestName || 'Anonymous'}
+              </span>{' '}
+              <span className="text-gray-300">{msg.message}</span>
+              <span className="text-[10px] text-gray-600 ml-2">
+                {new Date(msg.createdAt).toLocaleString()}
+              </span>
+            </div>
+            {!msg.deleted && (
+              <button
+                onClick={() => handleDelete(msg.id)}
+                className="text-xs bg-red-800 hover:bg-red-700 px-2 py-1 rounded flex-shrink-0"
+              >
+                Delete
+              </button>
+            )}
+          </div>
+        ))}
+      </div>
+    </div>
+  );
+}
+
+function BlacklistTab() {
+  const [words, setWords] = useState<BlacklistWord[]>([]);
+  const [newWord, setNewWord] = useState('');
+  const [loading, setLoading] = useState(true);
+
+  const fetchBlacklist = () => {
+    fetch('/api/chat?type=blacklist')
+      .then((r) => r.json())
+      .then((data) => setWords(data.words || []))
+      .finally(() => setLoading(false));
+  };
+
+  useEffect(() => {
+    fetchBlacklist();
+  }, []);
+
+  const handleAdd = async () => {
+    if (!newWord.trim()) return;
+    await fetch('/api/chat', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ type: 'blacklist', word: newWord.trim() }),
+    });
+    setNewWord('');
+    fetchBlacklist();
+  };
+
+  const handleRemove = async (id: string) => {
+    await fetch('/api/chat', {
+      method: 'DELETE',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ type: 'blacklist', wordId: id }),
+    });
+    fetchBlacklist();
+  };
+
+  if (loading) return <p className="text-gray-400">Loading...</p>;
+
+  return (
+    <div className="card max-w-lg">
+      <h3 className="font-semibold mb-4">Blacklisted Words</h3>
+
+      <div className="flex gap-2 mb-4">
+        <Input
+          id="newWord"
+          value={newWord}
+          onChange={(e) => setNewWord(e.target.value)}
+          placeholder="Add a word..."
+          onKeyDown={(e) => e.key === 'Enter' && handleAdd()}
+          className="flex-1"
+        />
+        <Button onClick={handleAdd}>Add</Button>
+      </div>
+
+      <div className="space-y-2">
+        {words.map((w) => (
+          <div key={w.id} className="flex items-center justify-between bg-gray-800 rounded-lg px-3 py-2">
+            <span className="font-mono text-sm">{w.word}</span>
+            <button
+              onClick={() => handleRemove(w.id)}
+              className="text-red-400 hover:text-red-300 text-sm"
+            >
+              Remove
+            </button>
+          </div>
+        ))}
+        {words.length === 0 && (
+          <p className="text-gray-500 text-sm">No blacklisted words</p>
+        )}
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/admin/email/page.tsx b/src/app/admin/email/page.tsx
new file mode 100644
index 0000000..4fe7569
--- /dev/null
+++ b/src/app/admin/email/page.tsx
@@ -0,0 +1,435 @@
+'use client';
+
+import { useState, useEffect } from 'react';
+import { useSession } from 'next-auth/react';
+import { Input } from '@/components/ui/Input';
+import { Button } from '@/components/ui/Button';
+
+interface EmailTemplate {
+  id: string;
+  name: string;
+  subject: string;
+  body: string;
+}
+
+interface Recipient {
+  name: string;
+  email: string;
+  selected: boolean;
+}
+
+export default function EmailPage() {
+  const { data: session } = useSession();
+  const role = (session?.user as any)?.role;
+  const allTabs = ['send', 'templates', 'smtp'] as const;
+  const tabs = role === 'VIEWER' ? allTabs.filter((t) => t !== 'smtp') : allTabs;
+  const [tab, setTab] = useState<'send' | 'templates' | 'smtp'>('send');
+
+  return (
+    <div>
+      <h1 className="text-2xl font-bold mb-6">Email System</h1>
+
+      <div className="flex gap-2 mb-6">
+        {tabs.map((t) => (
+          <button
+            key={t}
+            onClick={() => setTab(t)}
+            className={`px-4 py-2 rounded-lg text-sm ${
+              tab === t ? 'bg-primary-600 text-white' : 'bg-gray-800 text-gray-400 hover:text-white'
+            }`}
+          >
+            {t === 'smtp' ? 'SMTP Settings' : t.charAt(0).toUpperCase() + t.slice(1)}
+          </button>
+        ))}
+      </div>
+
+      {tab === 'send' && <SendEmailTab />}
+      {tab === 'templates' && <TemplatesTab />}
+      {tab === 'smtp' && <SmtpTab />}
+    </div>
+  );
+}
+
+function SendEmailTab() {
+  const [recipients, setRecipients] = useState<Recipient[]>([]);
+  const [templates, setTemplates] = useState<EmailTemplate[]>([]);
+  const [selectedTemplate, setSelectedTemplate] = useState('');
+  const [subject, setSubject] = useState('');
+  const [body, setBody] = useState('');
+  const [sending, setSending] = useState(false);
+  const [message, setMessage] = useState('');
+  const [selectAll, setSelectAll] = useState(true);
+
+  useEffect(() => {
+    Promise.all([
+      fetch('/api/email?type=recipients').then((r) => r.json()),
+      fetch('/api/email?type=templates').then((r) => r.json()),
+    ]).then(([recipientsData, templatesData]) => {
+      setRecipients(recipientsData.map((r: any) => ({ ...r, selected: true })));
+      setTemplates(templatesData);
+    });
+  }, []);
+
+  const handleTemplateChange = (templateId: string) => {
+    setSelectedTemplate(templateId);
+    const tmpl = templates.find((t) => t.id === templateId);
+    if (tmpl) {
+      setSubject(tmpl.subject);
+      setBody(tmpl.body);
+    }
+  };
+
+  const toggleSelectAll = () => {
+    const newVal = !selectAll;
+    setSelectAll(newVal);
+    setRecipients(recipients.map((r) => ({ ...r, selected: newVal })));
+  };
+
+  const handleSend = async () => {
+    const selectedRecipients = recipients.filter((r) => r.selected);
+    if (selectedRecipients.length === 0) {
+      setMessage('No recipients selected');
+      return;
+    }
+
+    setSending(true);
+    setMessage('');
+
+    try {
+      const res = await fetch('/api/email', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          recipients: selectedRecipients.map((r) => ({ name: r.name, email: r.email })),
+          subject,
+          body,
+        }),
+      });
+
+      if (!res.ok) {
+        const data = await res.json();
+        throw new Error(data.error || 'Send failed');
+      }
+
+      const data = await res.json();
+      setMessage(`Email sent to ${data.sent} recipient(s)!`);
+    } catch (err: any) {
+      setMessage(err.message);
+    } finally {
+      setSending(false);
+    }
+  };
+
+  return (
+    <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+      <div className="lg:col-span-2 space-y-4">
+        <div className="card space-y-4">
+          <div className="space-y-1">
+            <label className="block text-sm font-medium text-gray-300">Template</label>
+            <select
+              value={selectedTemplate}
+              onChange={(e) => handleTemplateChange(e.target.value)}
+              className="input-field"
+            >
+              <option value="">Custom Email</option>
+              {templates.map((t) => (
+                <option key={t.id} value={t.id}>{t.name}</option>
+              ))}
+            </select>
+          </div>
+          <Input id="emailSubject" label="Subject" value={subject} onChange={(e) => setSubject(e.target.value)} />
+          <div className="space-y-1">
+            <label className="block text-sm font-medium text-gray-300">Body</label>
+            <textarea
+              value={body}
+              onChange={(e) => setBody(e.target.value)}
+              className="input-field resize-none"
+              rows={10}
+            />
+            <p className="text-xs text-gray-500">
+              Variables: {'{{name}}'}, {'{{email}}'}, {'{{squares}}'}, {'{{amountDue}}'}, {'{{commissioner}}'}, {'{{eventName}}'}, {'{{gameUrl}}'}, {'{{graceHours}}'}, {'{{paymentInstructions}}'}, {'{{paymentMethods}}'}, {'{{winners}}'}, {'{{rulesText}}'}
+            </p>
+          </div>
+
+          {message && (
+            <div className={`px-4 py-2 rounded-lg text-sm ${
+              message.includes('sent') ? 'bg-green-900/50 text-green-300' : 'bg-red-900/50 text-red-300'
+            }`}>
+              {message}
+            </div>
+          )}
+
+          <Button onClick={handleSend} loading={sending} className="w-full">
+            Send Email
+          </Button>
+        </div>
+      </div>
+
+      <div className="card">
+        <div className="flex items-center justify-between mb-3">
+          <h3 className="font-semibold">Recipients</h3>
+          <button onClick={toggleSelectAll} className="text-xs text-primary-400 hover:text-primary-300">
+            {selectAll ? 'Deselect All' : 'Select All'}
+          </button>
+        </div>
+        <div className="space-y-1 max-h-96 overflow-y-auto">
+          {recipients.map((r, idx) => (
+            <label key={idx} className="flex items-center gap-2 text-sm hover:bg-gray-800 p-1 rounded cursor-pointer">
+              <input
+                type="checkbox"
+                checked={r.selected}
+                onChange={() => {
+                  const updated = [...recipients];
+                  updated[idx] = { ...updated[idx], selected: !updated[idx].selected };
+                  setRecipients(updated);
+                }}
+                className="rounded"
+              />
+              <span>{r.name}</span>
+              <span className="text-gray-500 text-xs truncate">{r.email}</span>
+            </label>
+          ))}
+          {recipients.length === 0 && (
+            <p className="text-gray-500 text-sm">No recipients found</p>
+          )}
+        </div>
+      </div>
+    </div>
+  );
+}
+
+function TemplatesTab() {
+  const [templates, setTemplates] = useState<EmailTemplate[]>([]);
+  const [editing, setEditing] = useState<EmailTemplate | null>(null);
+  const [name, setName] = useState('');
+  const [subject, setSubject] = useState('');
+  const [body, setBody] = useState('');
+  const [message, setMessage] = useState('');
+
+  useEffect(() => {
+    fetch('/api/email?type=templates')
+      .then((r) => r.json())
+      .then(setTemplates);
+  }, []);
+
+  const startEdit = (tmpl: EmailTemplate | null) => {
+    setEditing(tmpl);
+    setName(tmpl?.name || '');
+    setSubject(tmpl?.subject || '');
+    setBody(tmpl?.body || '');
+  };
+
+  const handleSave = async () => {
+    try {
+      const res = await fetch('/api/email', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          type: 'template',
+          id: editing?.id,
+          name,
+          subject,
+          templateBody: body,
+        }),
+      });
+
+      if (!res.ok) throw new Error('Save failed');
+      setMessage('Template saved!');
+      setEditing(null);
+
+      const updated = await fetch('/api/email?type=templates').then((r) => r.json());
+      setTemplates(updated);
+    } catch {
+      setMessage('Failed to save template');
+    }
+  };
+
+  return (
+    <div className="grid grid-cols-1 lg:grid-cols-2 gap-6">
+      <div className="card">
+        <div className="flex items-center justify-between mb-4">
+          <h3 className="font-semibold">Templates</h3>
+          <Button size="sm" variant="secondary" onClick={() => startEdit(null)}>
+            + New
+          </Button>
+        </div>
+        <div className="space-y-2">
+          {templates.map((t) => (
+            <div
+              key={t.id}
+              className="flex items-center justify-between bg-gray-800 rounded-lg px-3 py-2"
+            >
+              <div>
+                <p className="font-medium text-sm">{t.name}</p>
+                <p className="text-xs text-gray-400">{t.subject}</p>
+              </div>
+              <button
+                onClick={() => startEdit(t)}
+                className="text-xs text-primary-400 hover:text-primary-300"
+              >
+                Edit
+              </button>
+            </div>
+          ))}
+        </div>
+      </div>
+
+      {(editing !== undefined && (editing !== null || name || subject || body)) && (
+        <div className="card space-y-4">
+          <h3 className="font-semibold">{editing ? 'Edit Template' : 'New Template'}</h3>
+
+          {message && (
+            <div className={`px-4 py-2 rounded-lg text-sm ${
+              message.includes('saved') ? 'bg-green-900/50 text-green-300' : 'bg-red-900/50 text-red-300'
+            }`}>
+              {message}
+            </div>
+          )}
+
+          <Input id="tmplName" label="Template Name" value={name} onChange={(e) => setName(e.target.value)} />
+          <Input id="tmplSubject" label="Subject" value={subject} onChange={(e) => setSubject(e.target.value)} />
+          <div className="space-y-1">
+            <label className="block text-sm font-medium text-gray-300">Body</label>
+            <textarea
+              value={body}
+              onChange={(e) => setBody(e.target.value)}
+              className="input-field resize-none"
+              rows={8}
+            />
+          </div>
+          <div className="flex gap-3">
+            <Button variant="secondary" onClick={() => { setEditing(null); setName(''); setSubject(''); setBody(''); }} className="flex-1">
+              Cancel
+            </Button>
+            <Button onClick={handleSave} className="flex-1">Save Template</Button>
+          </div>
+        </div>
+      )}
+    </div>
+  );
+}
+
+function SmtpTab() {
+  const [loading, setLoading] = useState(true);
+  const [saving, setSaving] = useState(false);
+  const [testing, setTesting] = useState(false);
+  const [testEmail, setTestEmail] = useState('');
+  const [message, setMessage] = useState('');
+  const [smtpHost, setSmtpHost] = useState('');
+  const [smtpPort, setSmtpPort] = useState('587');
+  const [smtpUser, setSmtpUser] = useState('');
+  const [smtpPass, setSmtpPass] = useState('');
+  const [fromEmail, setFromEmail] = useState('');
+  const [fromName, setFromName] = useState('');
+
+  useEffect(() => {
+    fetch('/api/email?type=smtp')
+      .then((r) => r.json())
+      .then((data) => {
+        setSmtpHost(data.smtpHost || '');
+        setSmtpPort(String(data.smtpPort || 587));
+        setSmtpUser(data.smtpUser || '');
+        setSmtpPass(data.smtpPass || '');
+        setFromEmail(data.fromEmail || '');
+        setFromName(data.fromName || '');
+      })
+      .finally(() => setLoading(false));
+  }, []);
+
+  const handleSave = async () => {
+    setSaving(true);
+    setMessage('');
+
+    try {
+      const res = await fetch('/api/email', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          type: 'smtp',
+          smtpHost,
+          smtpPort: parseInt(smtpPort),
+          smtpUser,
+          smtpPass,
+          fromEmail,
+          fromName,
+        }),
+      });
+
+      if (!res.ok) throw new Error('Save failed');
+      setMessage('SMTP settings saved!');
+    } catch {
+      setMessage('Failed to save');
+    } finally {
+      setSaving(false);
+    }
+  };
+
+  if (loading) return <p className="text-gray-400">Loading...</p>;
+
+  return (
+    <div className="card max-w-lg space-y-4">
+      <h3 className="font-semibold text-lg">SMTP Configuration</h3>
+
+      {message && (
+        <div className={`px-4 py-2 rounded-lg text-sm ${
+          message.includes('saved') ? 'bg-green-900/50 text-green-300' : 'bg-red-900/50 text-red-300'
+        }`}>
+          {message}
+        </div>
+      )}
+
+      <Input id="smtpHost" label="SMTP Host" value={smtpHost} onChange={(e) => setSmtpHost(e.target.value)} placeholder="smtp.gmail.com" />
+      <Input id="smtpPort" label="SMTP Port" type="number" value={smtpPort} onChange={(e) => setSmtpPort(e.target.value)} />
+      <p className="text-xs text-gray-500 -mt-2">
+        Port 587 = STARTTLS (most common). Port 465 = direct SSL. SSL is auto-detected from port.
+      </p>
+      <Input id="smtpUser" label="SMTP Username" value={smtpUser} onChange={(e) => setSmtpUser(e.target.value)} />
+      <Input id="smtpPass" label="SMTP Password" type="password" value={smtpPass} onChange={(e) => setSmtpPass(e.target.value)} />
+      <Input id="fromEmail" label="From Email" value={fromEmail} onChange={(e) => setFromEmail(e.target.value)} placeholder="noreply@example.com" />
+      <Input id="fromName" label="From Name" value={fromName} onChange={(e) => setFromName(e.target.value)} placeholder="Super Bowl Squares" />
+
+      <Button onClick={handleSave} loading={saving} className="w-full">
+        Save SMTP Settings
+      </Button>
+
+      <div className="border-t border-gray-700 pt-4 mt-4 space-y-3">
+        <h4 className="font-medium text-sm text-gray-300">Test Connection</h4>
+        <Input
+          id="testEmail"
+          label="Send test email to"
+          value={testEmail}
+          onChange={(e) => setTestEmail(e.target.value)}
+          placeholder="your@email.com"
+        />
+        <Button
+          variant="secondary"
+          loading={testing}
+          className="w-full"
+          onClick={async () => {
+            if (!testEmail) { setMessage('Enter a test email address'); return; }
+            setTesting(true);
+            setMessage('');
+            try {
+              const res = await fetch('/api/email', {
+                method: 'PATCH',
+                headers: { 'Content-Type': 'application/json' },
+                body: JSON.stringify({ to: testEmail }),
+              });
+              if (!res.ok) {
+                const data = await res.json();
+                throw new Error(data.error || 'Test failed');
+              }
+              setMessage('Test email sent successfully!');
+            } catch (err: any) {
+              setMessage(err.message || 'Test failed');
+            } finally {
+              setTesting(false);
+            }
+          }}
+        >
+          Send Test Email
+        </Button>
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/admin/layout.tsx b/src/app/admin/layout.tsx
new file mode 100644
index 0000000..45977b9
--- /dev/null
+++ b/src/app/admin/layout.tsx
@@ -0,0 +1,76 @@
+'use client';
+
+import Link from 'next/link';
+import { usePathname } from 'next/navigation';
+import { useSession } from 'next-auth/react';
+
+const navItems = [
+  { href: '/admin', label: 'Dashboard', icon: '~' },
+  { href: '/admin/squares', label: 'Squares', icon: '#' },
+  { href: '/admin/numbers', label: 'Numbers', icon: '?' },
+  { href: '/admin/scores', label: 'Scores', icon: 'S' },
+  { href: '/admin/balance', label: 'Balance', icon: '$' },
+  { href: '/admin/settings', label: 'Settings', icon: '*' },
+  { href: '/admin/users', label: 'Users', icon: 'U' },
+  { href: '/admin/email', label: 'Email', icon: '@' },
+  { href: '/admin/chat', label: 'Chat', icon: 'C' },
+  { href: '/admin/backup', label: 'Backup', icon: 'B' },
+];
+
+export default function AdminLayout({
+  children,
+}: {
+  children: React.ReactNode;
+}) {
+  const pathname = usePathname();
+  const { data: session } = useSession();
+  const role = (session?.user as any)?.role;
+
+  // Viewer can't access certain pages
+  const viewerRestricted = ['/admin/settings', '/admin/users', '/admin/backup'];
+  const filteredNav = role === 'VIEWER'
+    ? navItems.filter((item) => !viewerRestricted.includes(item.href))
+    : navItems;
+
+  return (
+    <div className="min-h-screen flex">
+      {/* Sidebar */}
+      <aside className="w-56 bg-gray-900 border-r border-gray-800 flex flex-col">
+        <div className="p-4 border-b border-gray-800">
+          <Link href="/" className="text-lg font-bold text-primary-400">
+            SB Squares
+          </Link>
+          <p className="text-xs text-gray-500 mt-1">
+            {role === 'VIEWER' ? 'Commissioner' : 'Admin Panel'}
+          </p>
+        </div>
+        <nav className="flex-1 p-2 space-y-0.5">
+          {filteredNav.map((item) => (
+            <Link
+              key={item.href}
+              href={item.href}
+              className={`flex items-center gap-2 px-3 py-2 rounded-lg text-sm transition-colors ${
+                pathname === item.href
+                  ? 'bg-primary-900/50 text-primary-300'
+                  : 'text-gray-400 hover:text-white hover:bg-gray-800'
+              }`}
+            >
+              <span className="w-5 text-center font-mono text-xs">{item.icon}</span>
+              {item.label}
+            </Link>
+          ))}
+        </nav>
+        <div className="p-4 border-t border-gray-800">
+          <Link href="/" className="text-sm text-gray-400 hover:text-white">
+            &larr; Back to Grid
+          </Link>
+        </div>
+      </aside>
+
+      {/* Main content */}
+      <main className="flex-1 p-6 overflow-y-auto">
+        {children}
+      </main>
+    </div>
+  );
+}
diff --git a/src/app/admin/numbers/page.tsx b/src/app/admin/numbers/page.tsx
new file mode 100644
index 0000000..5424e34
--- /dev/null
+++ b/src/app/admin/numbers/page.tsx
@@ -0,0 +1,137 @@
+'use client';
+
+import { useState, useEffect } from 'react';
+import { Button } from '@/components/ui/Button';
+
+interface GridNumber {
+  position: number;
+  nfcNumber: number;
+  afcNumber: number;
+}
+
+export default function NumbersPage() {
+  const [gridNumbers, setGridNumbers] = useState<GridNumber[]>([]);
+  const [loading, setLoading] = useState(true);
+  const [generating, setGenerating] = useState(false);
+  const [canGenerate, setCanGenerate] = useState(false);
+  const [message, setMessage] = useState('');
+
+  useEffect(() => {
+    Promise.all([
+      fetch('/api/numbers').then((r) => r.json()),
+      fetch('/api/squares').then((r) => r.json()),
+    ]).then(([numbers, squares]) => {
+      setGridNumbers(numbers.gridNumbers || []);
+      const claimed = squares.filter(
+        (s: any) => s.userId || s.guestName
+      ).length;
+      setCanGenerate(claimed === 100 && (!numbers.gridNumbers || numbers.gridNumbers.length === 0));
+      setLoading(false);
+    });
+  }, []);
+
+  const handleGenerate = async () => {
+    if (!confirm('This will randomly assign numbers 0-9 to the grid. This cannot be undone. Continue?')) {
+      return;
+    }
+
+    setGenerating(true);
+    setMessage('');
+
+    try {
+      const res = await fetch('/api/numbers', {
+        method: 'POST',
+      });
+
+      if (!res.ok) {
+        const data = await res.json();
+        throw new Error(data.error || 'Generation failed');
+      }
+
+      const data = await res.json();
+      setGridNumbers(data.gridNumbers);
+      setCanGenerate(false);
+      setMessage('Numbers generated successfully!');
+    } catch (err: any) {
+      setMessage(err.message);
+    } finally {
+      setGenerating(false);
+    }
+  };
+
+  if (loading) return <p className="text-gray-400">Loading...</p>;
+
+  const hasNumbers = gridNumbers.length === 10;
+
+  return (
+    <div>
+      <div className="flex items-center justify-between mb-6">
+        <h1 className="text-2xl font-bold">Number Assignment</h1>
+        {!hasNumbers && (
+          <Button onClick={handleGenerate} loading={generating} disabled={!canGenerate}>
+            {canGenerate ? 'Generate Numbers' : 'All 100 squares must be filled'}
+          </Button>
+        )}
+      </div>
+
+      {message && (
+        <div className={`mb-4 px-4 py-2 rounded-lg text-sm ${
+          message.includes('success') ? 'bg-green-900/50 text-green-300' : 'bg-red-900/50 text-red-300'
+        }`}>
+          {message}
+        </div>
+      )}
+
+      {hasNumbers ? (
+        <div className="card">
+          <h2 className="font-semibold mb-4">Assigned Numbers</h2>
+          <div className="overflow-x-auto">
+            <table className="w-full text-sm">
+              <thead>
+                <tr className="text-gray-400 border-b border-gray-800">
+                  <th className="pb-2 text-left">Position</th>
+                  {gridNumbers
+                    .sort((a, b) => a.position - b.position)
+                    .map((g) => (
+                      <th key={g.position} className="pb-2 text-center w-12">
+                        {g.position}
+                      </th>
+                    ))}
+                </tr>
+              </thead>
+              <tbody>
+                <tr className="border-b border-gray-800/50">
+                  <td className="py-2 font-medium text-primary-400">NFC</td>
+                  {gridNumbers
+                    .sort((a, b) => a.position - b.position)
+                    .map((g) => (
+                      <td key={g.position} className="py-2 text-center font-mono font-bold">
+                        {g.nfcNumber}
+                      </td>
+                    ))}
+                </tr>
+                <tr>
+                  <td className="py-2 font-medium text-red-400">AFC</td>
+                  {gridNumbers
+                    .sort((a, b) => a.position - b.position)
+                    .map((g) => (
+                      <td key={g.position} className="py-2 text-center font-mono font-bold">
+                        {g.afcNumber}
+                      </td>
+                    ))}
+                </tr>
+              </tbody>
+            </table>
+          </div>
+        </div>
+      ) : (
+        <div className="card text-center py-12">
+          <p className="text-gray-400 text-lg">Numbers have not been generated yet.</p>
+          <p className="text-gray-500 text-sm mt-2">
+            All 100 squares must be filled before numbers can be assigned.
+          </p>
+        </div>
+      )}
+    </div>
+  );
+}
diff --git a/src/app/admin/page.tsx b/src/app/admin/page.tsx
new file mode 100644
index 0000000..607b4f3
--- /dev/null
+++ b/src/app/admin/page.tsx
@@ -0,0 +1,99 @@
+import { prisma } from '@/lib/prisma';
+
+export const dynamic = 'force-dynamic';
+
+export default async function AdminDashboard() {
+  const [squares, users, settings] = await Promise.all([
+    prisma.square.findMany(),
+    prisma.user.count(),
+    prisma.gameSettings.findUnique({ where: { id: 'singleton' } }),
+  ]);
+
+  const totalSquares = squares.length;
+  const claimed = squares.filter((s) => s.userId || s.guestName).length;
+  const confirmed = squares.filter((s) => s.confirmed).length;
+  const pending = claimed - confirmed;
+  const available = totalSquares - claimed;
+
+  const totalPot = claimed * (settings?.betAmount || 10);
+
+  return (
+    <div>
+      <h1 className="text-2xl font-bold mb-6">Dashboard</h1>
+
+      <div className="grid grid-cols-1 md:grid-cols-2 lg:grid-cols-4 gap-4 mb-8">
+        <div className="card">
+          <p className="text-sm text-gray-400">Total Pot</p>
+          <p className="text-3xl font-bold text-green-400">${totalPot.toFixed(2)}</p>
+        </div>
+        <div className="card">
+          <p className="text-sm text-gray-400">Squares Claimed</p>
+          <p className="text-3xl font-bold">{claimed}/100</p>
+        </div>
+        <div className="card">
+          <p className="text-sm text-gray-400">Confirmed / Pending</p>
+          <p className="text-3xl font-bold">
+            <span className="text-green-400">{confirmed}</span>
+            {' / '}
+            <span className="text-yellow-400">{pending}</span>
+          </p>
+        </div>
+        <div className="card">
+          <p className="text-sm text-gray-400">Registered Users</p>
+          <p className="text-3xl font-bold">{users}</p>
+        </div>
+      </div>
+
+      <div className="grid grid-cols-1 md:grid-cols-2 gap-4">
+        <div className="card">
+          <h2 className="font-semibold mb-3">Grid Status</h2>
+          <div className="w-full bg-gray-800 rounded-full h-4 overflow-hidden">
+            <div className="flex h-full">
+              <div
+                className="bg-green-500 h-full"
+                style={{ width: `${(confirmed / totalSquares) * 100}%` }}
+              />
+              <div
+                className="bg-yellow-500 h-full"
+                style={{ width: `${(pending / totalSquares) * 100}%` }}
+              />
+            </div>
+          </div>
+          <div className="flex justify-between mt-2 text-xs text-gray-400">
+            <span className="text-green-400">{confirmed} confirmed</span>
+            <span className="text-yellow-400">{pending} pending</span>
+            <span>{available} available</span>
+          </div>
+        </div>
+
+        <div className="card">
+          <h2 className="font-semibold mb-3">Payout Distribution</h2>
+          <div className="space-y-1 text-sm">
+            <div className="flex justify-between">
+              <span className="text-gray-400">Q1 ({settings?.winFirstPct || 20}%)</span>
+              <span>${(totalPot * (settings?.winFirstPct || 20) / 100).toFixed(2)}</span>
+            </div>
+            <div className="flex justify-between">
+              <span className="text-gray-400">Q2 ({settings?.winSecondPct || 20}%)</span>
+              <span>${(totalPot * (settings?.winSecondPct || 20) / 100).toFixed(2)}</span>
+            </div>
+            <div className="flex justify-between">
+              <span className="text-gray-400">Q3 ({settings?.winThirdPct || 20}%)</span>
+              <span>${(totalPot * (settings?.winThirdPct || 20) / 100).toFixed(2)}</span>
+            </div>
+            <div className="flex justify-between">
+              <span className="text-gray-400">Final ({settings?.winFinalPct || 30}%)</span>
+              <span>${(totalPot * (settings?.winFinalPct || 30) / 100).toFixed(2)}</span>
+            </div>
+            {(settings?.donationPct || 0) > 0 && (
+              <div className="flex justify-between">
+                <span className="text-gray-400">Donation ({settings?.donationPct}%)</span>
+                <span>${(totalPot * (settings?.donationPct || 0) / 100).toFixed(2)}</span>
+              </div>
+            )}
+          </div>
+        </div>
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/admin/scores/page.tsx b/src/app/admin/scores/page.tsx
new file mode 100644
index 0000000..1883c9d
--- /dev/null
+++ b/src/app/admin/scores/page.tsx
@@ -0,0 +1,169 @@
+'use client';
+
+import { useState, useEffect } from 'react';
+import { Input } from '@/components/ui/Input';
+import { Button } from '@/components/ui/Button';
+
+export default function ScoresPage() {
+  const [loading, setLoading] = useState(true);
+  const [saving, setSaving] = useState(false);
+  const [message, setMessage] = useState('');
+
+  const [nfcFirst, setNfcFirst] = useState('');
+  const [afcFirst, setAfcFirst] = useState('');
+  const [nfcHalf, setNfcHalf] = useState('');
+  const [afcHalf, setAfcHalf] = useState('');
+  const [nfcThird, setNfcThird] = useState('');
+  const [afcThird, setAfcThird] = useState('');
+  const [nfcFinal, setNfcFinal] = useState('');
+  const [afcFinal, setAfcFinal] = useState('');
+
+  const [settings, setSettings] = useState<any>(null);
+  const [winners, setWinners] = useState<any>(null);
+
+  useEffect(() => {
+    Promise.all([
+      fetch('/api/scores').then((r) => r.json()),
+      fetch('/api/settings').then((r) => r.json()),
+    ]).then(([scoresData, settingsData]) => {
+      setSettings(settingsData);
+      if (scoresData.scores) {
+        const s = scoresData.scores;
+        setNfcFirst(s.nfcFirst?.toString() || '');
+        setAfcFirst(s.afcFirst?.toString() || '');
+        setNfcHalf(s.nfcHalf?.toString() || '');
+        setAfcHalf(s.afcHalf?.toString() || '');
+        setNfcThird(s.nfcThird?.toString() || '');
+        setAfcThird(s.afcThird?.toString() || '');
+        setNfcFinal(s.nfcFinal?.toString() || '');
+        setAfcFinal(s.afcFinal?.toString() || '');
+      }
+      setWinners(scoresData.winners || null);
+      setLoading(false);
+    });
+  }, []);
+
+  const handleSave = async () => {
+    setSaving(true);
+    setMessage('');
+
+    try {
+      const res = await fetch('/api/scores', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          nfcFirst: nfcFirst ? parseInt(nfcFirst) : null,
+          afcFirst: afcFirst ? parseInt(afcFirst) : null,
+          nfcHalf: nfcHalf ? parseInt(nfcHalf) : null,
+          afcHalf: afcHalf ? parseInt(afcHalf) : null,
+          nfcThird: nfcThird ? parseInt(nfcThird) : null,
+          afcThird: afcThird ? parseInt(afcThird) : null,
+          nfcFinal: nfcFinal ? parseInt(nfcFinal) : null,
+          afcFinal: afcFinal ? parseInt(afcFinal) : null,
+        }),
+      });
+
+      if (!res.ok) throw new Error('Save failed');
+      const data = await res.json();
+      setWinners(data.winners || null);
+      setMessage('Scores saved and winners calculated!');
+    } catch {
+      setMessage('Failed to save scores');
+    } finally {
+      setSaving(false);
+    }
+  };
+
+  if (loading) return <p className="text-gray-400">Loading...</p>;
+
+  return (
+    <div>
+      <div className="flex items-center justify-between mb-6">
+        <h1 className="text-2xl font-bold">Game Scores</h1>
+        <Button onClick={handleSave} loading={saving}>
+          Save & Calculate Winners
+        </Button>
+      </div>
+
+      {message && (
+        <div className={`mb-4 px-4 py-2 rounded-lg text-sm ${
+          message.includes('saved') ? 'bg-green-900/50 text-green-300' : 'bg-red-900/50 text-red-300'
+        }`}>
+          {message}
+        </div>
+      )}
+
+      <div className="grid grid-cols-1 md:grid-cols-2 gap-6">
+        <div className="card">
+          <h2 className="font-semibold text-lg mb-4">Enter Scores</h2>
+          <div className="space-y-4">
+            <div>
+              <h3 className="text-sm text-gray-400 mb-2">Q1 (End of First Quarter)</h3>
+              <div className="grid grid-cols-2 gap-3">
+                <Input id="nfcFirst" label={settings?.nfcTeam || 'NFC'} type="number" value={nfcFirst} onChange={(e) => setNfcFirst(e.target.value)} />
+                <Input id="afcFirst" label={settings?.afcTeam || 'AFC'} type="number" value={afcFirst} onChange={(e) => setAfcFirst(e.target.value)} />
+              </div>
+            </div>
+            <div>
+              <h3 className="text-sm text-gray-400 mb-2">Q2 (Halftime)</h3>
+              <div className="grid grid-cols-2 gap-3">
+                <Input id="nfcHalf" label={settings?.nfcTeam || 'NFC'} type="number" value={nfcHalf} onChange={(e) => setNfcHalf(e.target.value)} />
+                <Input id="afcHalf" label={settings?.afcTeam || 'AFC'} type="number" value={afcHalf} onChange={(e) => setAfcHalf(e.target.value)} />
+              </div>
+            </div>
+            <div>
+              <h3 className="text-sm text-gray-400 mb-2">Q3 (End of Third Quarter)</h3>
+              <div className="grid grid-cols-2 gap-3">
+                <Input id="nfcThird" label={settings?.nfcTeam || 'NFC'} type="number" value={nfcThird} onChange={(e) => setNfcThird(e.target.value)} />
+                <Input id="afcThird" label={settings?.afcTeam || 'AFC'} type="number" value={afcThird} onChange={(e) => setAfcThird(e.target.value)} />
+              </div>
+            </div>
+            <div>
+              <h3 className="text-sm text-gray-400 mb-2">Final</h3>
+              <div className="grid grid-cols-2 gap-3">
+                <Input id="nfcFinal" label={settings?.nfcTeam || 'NFC'} type="number" value={nfcFinal} onChange={(e) => setNfcFinal(e.target.value)} />
+                <Input id="afcFinal" label={settings?.afcTeam || 'AFC'} type="number" value={afcFinal} onChange={(e) => setAfcFinal(e.target.value)} />
+              </div>
+            </div>
+          </div>
+        </div>
+
+        {winners && (
+          <div className="card">
+            <h2 className="font-semibold text-lg mb-4">Winners</h2>
+            <div className="space-y-3">
+              {winners.first && (
+                <div className="bg-green-900/30 border border-green-800 rounded-lg p-3">
+                  <p className="text-sm text-green-400">Q1 Winner</p>
+                  <p className="font-bold">{winners.first.name}</p>
+                  <p className="text-xs text-gray-400">Square {winners.first.position}</p>
+                </div>
+              )}
+              {winners.half && (
+                <div className="bg-green-900/30 border border-green-800 rounded-lg p-3">
+                  <p className="text-sm text-green-400">Q2 (Halftime) Winner</p>
+                  <p className="font-bold">{winners.half.name}</p>
+                  <p className="text-xs text-gray-400">Square {winners.half.position}</p>
+                </div>
+              )}
+              {winners.third && (
+                <div className="bg-green-900/30 border border-green-800 rounded-lg p-3">
+                  <p className="text-sm text-green-400">Q3 Winner</p>
+                  <p className="font-bold">{winners.third.name}</p>
+                  <p className="text-xs text-gray-400">Square {winners.third.position}</p>
+                </div>
+              )}
+              {winners.final && (
+                <div className="bg-yellow-900/30 border border-yellow-800 rounded-lg p-3">
+                  <p className="text-sm text-yellow-400">Final Winner</p>
+                  <p className="font-bold">{winners.final.name}</p>
+                  <p className="text-xs text-gray-400">Square {winners.final.position}</p>
+                </div>
+              )}
+            </div>
+          </div>
+        )}
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/admin/settings/page.tsx b/src/app/admin/settings/page.tsx
new file mode 100644
index 0000000..cf4a73b
--- /dev/null
+++ b/src/app/admin/settings/page.tsx
@@ -0,0 +1,248 @@
+'use client';
+
+import { useState, useEffect } from 'react';
+import { Input } from '@/components/ui/Input';
+import { Button } from '@/components/ui/Button';
+import { ImagePicker } from '@/components/ui/ImagePicker';
+
+interface PaymentMethod {
+  id?: string;
+  type: string;
+  value: string;
+  enabled: boolean;
+}
+
+export default function SettingsPage() {
+  const [loading, setLoading] = useState(true);
+  const [saving, setSaving] = useState(false);
+  const [message, setMessage] = useState('');
+
+  const [title, setTitle] = useState('');
+  const [commissioner, setCommissioner] = useState('');
+  const [eventName, setEventName] = useState('');
+  const [eventDate, setEventDate] = useState('');
+  const [eventTime, setEventTime] = useState('');
+  const [nfcTeam, setNfcTeam] = useState('');
+  const [nfcLogo, setNfcLogo] = useState('');
+  const [afcTeam, setAfcTeam] = useState('');
+  const [afcLogo, setAfcLogo] = useState('');
+  const [sbLogo, setSbLogo] = useState('');
+  const [betAmount, setBetAmount] = useState('10');
+  const [winFirstPct, setWinFirstPct] = useState('20');
+  const [winSecondPct, setWinSecondPct] = useState('20');
+  const [winThirdPct, setWinThirdPct] = useState('20');
+  const [winFinalPct, setWinFinalPct] = useState('30');
+  const [donationPct, setDonationPct] = useState('10');
+  const [graceHours, setGraceHours] = useState('48');
+  const [rulesText, setRulesText] = useState('');
+  const [paymentInstructions, setPaymentInstructions] = useState('');
+  const [payments, setPayments] = useState<PaymentMethod[]>([]);
+
+  useEffect(() => {
+    fetch('/api/settings')
+      .then((res) => res.json())
+      .then((data) => {
+        setTitle(data.title || '');
+        setCommissioner(data.commissioner || '');
+        setEventName(data.eventName || '');
+        setEventDate(data.eventDate || '');
+        setEventTime(data.eventTime || '');
+        setNfcTeam(data.nfcTeam || '');
+        setNfcLogo(data.nfcLogo || '');
+        setAfcTeam(data.afcTeam || '');
+        setAfcLogo(data.afcLogo || '');
+        setSbLogo(data.sbLogo || '');
+        setBetAmount(String(data.betAmount || 10));
+        setWinFirstPct(String(data.winFirstPct || 20));
+        setWinSecondPct(String(data.winSecondPct || 20));
+        setWinThirdPct(String(data.winThirdPct || 20));
+        setWinFinalPct(String(data.winFinalPct || 30));
+        setDonationPct(String(data.donationPct || 10));
+        setGraceHours(String(data.graceHours || 48));
+        setRulesText(data.rulesText || '');
+        setPaymentInstructions(data.paymentInstructions || '');
+        setPayments(data.paymentMethods || []);
+      })
+      .finally(() => setLoading(false));
+  }, []);
+
+  const handleSave = async () => {
+    setSaving(true);
+    setMessage('');
+
+    try {
+      const res = await fetch('/api/settings', {
+        method: 'PUT',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          title,
+          commissioner,
+          eventName,
+          eventDate,
+          eventTime,
+          nfcTeam,
+          nfcLogo,
+          afcTeam,
+          afcLogo,
+          sbLogo,
+          betAmount: parseFloat(betAmount),
+          winFirstPct: parseFloat(winFirstPct),
+          winSecondPct: parseFloat(winSecondPct),
+          winThirdPct: parseFloat(winThirdPct),
+          winFinalPct: parseFloat(winFinalPct),
+          donationPct: parseFloat(donationPct),
+          graceHours: parseInt(graceHours),
+          rulesText,
+          paymentInstructions,
+          paymentMethods: payments,
+        }),
+      });
+
+      if (!res.ok) throw new Error('Save failed');
+      setMessage('Settings saved!');
+    } catch {
+      setMessage('Failed to save settings');
+    } finally {
+      setSaving(false);
+    }
+  };
+
+  const addPayment = () => {
+    setPayments([...payments, { type: 'VENMO', value: '', enabled: true }]);
+  };
+
+  const removePayment = (index: number) => {
+    setPayments(payments.filter((_, i) => i !== index));
+  };
+
+  if (loading) return <p className="text-gray-400">Loading...</p>;
+
+  return (
+    <div>
+      <div className="flex items-center justify-between mb-6">
+        <h1 className="text-2xl font-bold">Game Settings</h1>
+        <Button onClick={handleSave} loading={saving}>
+          Save Settings
+        </Button>
+      </div>
+
+      {message && (
+        <div className={`mb-4 px-4 py-2 rounded-lg text-sm ${
+          message.includes('saved') ? 'bg-green-900/50 text-green-300' : 'bg-red-900/50 text-red-300'
+        }`}>
+          {message}
+        </div>
+      )}
+
+      <div className="grid grid-cols-1 lg:grid-cols-2 gap-6">
+        {/* General */}
+        <div className="card space-y-4">
+          <h2 className="font-semibold text-lg">General</h2>
+          <Input id="title" label="Page Title" value={title} onChange={(e) => setTitle(e.target.value)} />
+          <Input id="commissioner" label="Commissioner" value={commissioner} onChange={(e) => setCommissioner(e.target.value)} />
+          <Input id="eventName" label="Event Name" value={eventName} onChange={(e) => setEventName(e.target.value)} />
+          <div className="grid grid-cols-2 gap-3">
+            <Input id="eventDate" label="Event Date" value={eventDate} onChange={(e) => setEventDate(e.target.value)} placeholder="Feb 9, 2025" />
+            <Input id="eventTime" label="Event Time" value={eventTime} onChange={(e) => setEventTime(e.target.value)} placeholder="6:30 PM ET" />
+          </div>
+        </div>
+
+        {/* Teams */}
+        <div className="card space-y-4">
+          <h2 className="font-semibold text-lg">Teams</h2>
+          <Input id="nfcTeam" label="NFC Team Name" value={nfcTeam} onChange={(e) => setNfcTeam(e.target.value)} />
+          <ImagePicker label="NFC Team Logo" value={nfcLogo} onChange={setNfcLogo} />
+          <Input id="afcTeam" label="AFC Team Name" value={afcTeam} onChange={(e) => setAfcTeam(e.target.value)} />
+          <ImagePicker label="AFC Team Logo" value={afcLogo} onChange={setAfcLogo} />
+          <ImagePicker label="Super Bowl Logo" value={sbLogo} onChange={setSbLogo} />
+        </div>
+
+        {/* Financials */}
+        <div className="card space-y-4">
+          <h2 className="font-semibold text-lg">Financials</h2>
+          <Input id="betAmount" label="Bet Amount ($)" type="number" value={betAmount} onChange={(e) => setBetAmount(e.target.value)} />
+          <div className="grid grid-cols-2 gap-3">
+            <Input id="winFirstPct" label="Q1 Payout %" type="number" value={winFirstPct} onChange={(e) => setWinFirstPct(e.target.value)} />
+            <Input id="winSecondPct" label="Q2 Payout %" type="number" value={winSecondPct} onChange={(e) => setWinSecondPct(e.target.value)} />
+            <Input id="winThirdPct" label="Q3 Payout %" type="number" value={winThirdPct} onChange={(e) => setWinThirdPct(e.target.value)} />
+            <Input id="winFinalPct" label="Final Payout %" type="number" value={winFinalPct} onChange={(e) => setWinFinalPct(e.target.value)} />
+          </div>
+          <Input id="donationPct" label="Donation %" type="number" value={donationPct} onChange={(e) => setDonationPct(e.target.value)} />
+          <Input id="graceHours" label="Payment Grace Period (hours)" type="number" value={graceHours} onChange={(e) => setGraceHours(e.target.value)} />
+        </div>
+
+        {/* Payment Methods */}
+        <div className="card space-y-4">
+          <div className="flex items-center justify-between">
+            <h2 className="font-semibold text-lg">Payment Methods</h2>
+            <Button size="sm" variant="secondary" onClick={addPayment}>+ Add</Button>
+          </div>
+          {payments.map((pm, idx) => (
+            <div key={idx} className="flex items-end gap-2">
+              <div className="space-y-1 flex-shrink-0">
+                <label className="block text-sm font-medium text-gray-300">Type</label>
+                <select
+                  value={pm.type}
+                  onChange={(e) => {
+                    const updated = [...payments];
+                    updated[idx] = { ...updated[idx], type: e.target.value };
+                    setPayments(updated);
+                  }}
+                  className="input-field"
+                >
+                  <option value="VENMO">Venmo</option>
+                  <option value="PAYPAL">PayPal</option>
+                  <option value="CASHAPP">Cash App</option>
+                  <option value="ZELLE">Zelle</option>
+                  <option value="CASH">Cash</option>
+                </select>
+              </div>
+              <div className="flex-1 space-y-1">
+                <label className="block text-sm font-medium text-gray-300">Value</label>
+                <input
+                  value={pm.value}
+                  onChange={(e) => {
+                    const updated = [...payments];
+                    updated[idx] = { ...updated[idx], value: e.target.value };
+                    setPayments(updated);
+                  }}
+                  className="input-field"
+                  placeholder="@username or email"
+                />
+              </div>
+              <button
+                onClick={() => removePayment(idx)}
+                className="text-red-400 hover:text-red-300 p-2"
+              >
+                &times;
+              </button>
+            </div>
+          ))}
+
+          <div className="space-y-1 pt-2 border-t border-gray-700">
+            <label className="block text-sm font-medium text-gray-300">Payment Instructions</label>
+            <textarea
+              value={paymentInstructions}
+              onChange={(e) => setPaymentInstructions(e.target.value)}
+              className="input-field resize-none"
+              rows={4}
+              placeholder="Instructions shown to players after purchasing squares (e.g., 'Please send payment within 48 hours via one of the methods below.')"
+            />
+          </div>
+        </div>
+
+        {/* Rules */}
+        <div className="card space-y-4 lg:col-span-2">
+          <h2 className="font-semibold text-lg">Rules Text</h2>
+          <textarea
+            value={rulesText}
+            onChange={(e) => setRulesText(e.target.value)}
+            className="input-field resize-none"
+            rows={6}
+            placeholder="Enter the rules for your Super Bowl Squares game..."
+          />
+        </div>
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/admin/squares/page.tsx b/src/app/admin/squares/page.tsx
new file mode 100644
index 0000000..33137cd
--- /dev/null
+++ b/src/app/admin/squares/page.tsx
@@ -0,0 +1,331 @@
+'use client';
+
+import { useState, useEffect } from 'react';
+import { Button } from '@/components/ui/Button';
+import { Modal } from '@/components/ui/Modal';
+import { Input } from '@/components/ui/Input';
+import { useWebSocket } from '@/lib/ws';
+
+interface Square {
+  id: string;
+  position: string;
+  userId: string | null;
+  guestName: string | null;
+  guestEmail: string | null;
+  notes: string | null;
+  confirmed: boolean;
+  signupDate: string | null;
+  user: { name: string; email: string } | null;
+}
+
+export default function SquaresManagementPage() {
+  const [squares, setSquares] = useState<Square[]>([]);
+  const [loading, setLoading] = useState(true);
+  const [filter, setFilter] = useState<'all' | 'pending' | 'confirmed' | 'available'>('all');
+  const [editModal, setEditModal] = useState<Square | null>(null);
+  const [reserveModal, setReserveModal] = useState(false);
+  const [reservePosition, setReservePosition] = useState('');
+  const [reserveName, setReserveName] = useState('');
+  const [reserveEmail, setReserveEmail] = useState('');
+  const { notifySquaresChanged } = useWebSocket();
+
+  const fetchSquares = () => {
+    fetch('/api/squares')
+      .then((res) => res.json())
+      .then(setSquares)
+      .finally(() => setLoading(false));
+  };
+
+  useEffect(() => {
+    fetchSquares();
+  }, []);
+
+  const handleAction = async (position: string, action: string, extra?: any) => {
+    await fetch('/api/squares', {
+      method: 'PATCH',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ position, action, ...extra }),
+    });
+    fetchSquares();
+    notifySquaresChanged();
+  };
+
+  const handleConfirmAll = async () => {
+    const pendingSquares = squares.filter(
+      (s) => (s.userId || s.guestName) && !s.confirmed
+    );
+    for (const sq of pendingSquares) {
+      await handleAction(sq.position, 'confirm');
+    }
+  };
+
+  const parsePositions = (input: string): string[] => {
+    const positions: string[] = [];
+    const parts = input.split(',').map((s) => s.trim()).filter(Boolean);
+    for (const part of parts) {
+      if (part.includes('-')) {
+        const [startStr, endStr] = part.split('-').map((s) => s.trim());
+        const start = parseInt(startStr, 10);
+        const end = parseInt(endStr, 10);
+        if (!isNaN(start) && !isNaN(end) && start <= end && start >= 0 && end <= 99) {
+          for (let i = start; i <= end; i++) {
+            positions.push(String(i).padStart(2, '0'));
+          }
+        }
+      } else {
+        const num = parseInt(part, 10);
+        if (!isNaN(num) && num >= 0 && num <= 99) {
+          positions.push(String(num).padStart(2, '0'));
+        }
+      }
+    }
+    // Deduplicate
+    return Array.from(new Set(positions));
+  };
+
+  const handleBulkReserve = async () => {
+    const positions = parsePositions(reservePosition);
+    if (positions.length === 0) return;
+
+    await fetch('/api/squares', {
+      method: 'PATCH',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        action: 'bulk-reserve',
+        positions,
+        guestName: reserveName || 'Reserved',
+        guestEmail: reserveEmail || undefined,
+      }),
+    });
+
+    setReserveModal(false);
+    setReservePosition('');
+    setReserveName('');
+    setReserveEmail('');
+    fetchSquares();
+    notifySquaresChanged();
+  };
+
+  const filteredSquares = squares.filter((s) => {
+    const isTaken = s.userId || s.guestName;
+    if (filter === 'pending') return isTaken && !s.confirmed;
+    if (filter === 'confirmed') return s.confirmed;
+    if (filter === 'available') return !isTaken;
+    return true;
+  });
+
+  if (loading) return <p className="text-gray-400">Loading...</p>;
+
+  return (
+    <div>
+      <div className="flex items-center justify-between mb-6">
+        <h1 className="text-2xl font-bold">Manage Squares</h1>
+        <div className="flex gap-2">
+          <Button size="sm" variant="secondary" onClick={() => setReserveModal(true)}>
+            Reserve Squares
+          </Button>
+          <Button size="sm" variant="success" onClick={handleConfirmAll}>
+            Confirm All Pending
+          </Button>
+        </div>
+      </div>
+
+      {/* Filters */}
+      <div className="flex gap-2 mb-4">
+        {(['all', 'pending', 'confirmed', 'available'] as const).map((f) => (
+          <button
+            key={f}
+            onClick={() => setFilter(f)}
+            className={`px-3 py-1 rounded-lg text-sm ${
+              filter === f ? 'bg-primary-600 text-white' : 'bg-gray-800 text-gray-400 hover:text-white'
+            }`}
+          >
+            {f.charAt(0).toUpperCase() + f.slice(1)}
+          </button>
+        ))}
+      </div>
+
+      {/* Squares table */}
+      <div className="overflow-x-auto">
+        <table className="w-full text-sm">
+          <thead>
+            <tr className="text-left text-gray-400 border-b border-gray-800">
+              <th className="pb-2 pr-4">Pos</th>
+              <th className="pb-2 pr-4">Name</th>
+              <th className="pb-2 pr-4">Email</th>
+              <th className="pb-2 pr-4">Status</th>
+              <th className="pb-2 pr-4">Date</th>
+              <th className="pb-2 pr-4">Notes</th>
+              <th className="pb-2">Actions</th>
+            </tr>
+          </thead>
+          <tbody>
+            {filteredSquares.map((sq) => {
+              const name = sq.user?.name || sq.guestName;
+              const email = sq.user?.email || sq.guestEmail;
+              const isTaken = !!name;
+
+              return (
+                <tr key={sq.position} className="border-b border-gray-800/50 hover:bg-gray-900/50">
+                  <td className="py-2 pr-4 font-mono font-bold">{sq.position}</td>
+                  <td className="py-2 pr-4">{name || <span className="text-gray-600">Available</span>}</td>
+                  <td className="py-2 pr-4 text-gray-400">{email || '-'}</td>
+                  <td className="py-2 pr-4">
+                    {isTaken ? (
+                      <span className={`text-xs px-2 py-0.5 rounded-full ${
+                        sq.confirmed ? 'bg-green-900 text-green-300' : 'bg-yellow-900 text-yellow-300'
+                      }`}>
+                        {sq.confirmed ? 'Confirmed' : 'Pending'}
+                      </span>
+                    ) : (
+                      <span className="text-xs text-gray-600">-</span>
+                    )}
+                  </td>
+                  <td className="py-2 pr-4 text-gray-400">
+                    {sq.signupDate
+                      ? new Date(sq.signupDate).toLocaleDateString()
+                      : '-'}
+                  </td>
+                  <td className="py-2 pr-4 text-gray-400 max-w-[150px] truncate" title={sq.notes || ''}>
+                    {sq.notes || '-'}
+                  </td>
+                  <td className="py-2">
+                    {isTaken && (
+                      <div className="flex gap-1">
+                        {!sq.confirmed && (
+                          <button
+                            onClick={() => handleAction(sq.position, 'confirm')}
+                            className="text-xs bg-green-800 hover:bg-green-700 px-2 py-1 rounded"
+                          >
+                            Confirm
+                          </button>
+                        )}
+                        <button
+                          onClick={() => handleAction(sq.position, 'release')}
+                          className="text-xs bg-red-800 hover:bg-red-700 px-2 py-1 rounded"
+                        >
+                          Release
+                        </button>
+                        <button
+                          onClick={() => setEditModal({
+                            ...sq,
+                            guestName: sq.user?.name || sq.guestName || '',
+                            guestEmail: sq.user?.email || sq.guestEmail || '',
+                          })}
+                          className="text-xs bg-gray-700 hover:bg-gray-600 px-2 py-1 rounded"
+                        >
+                          Edit
+                        </button>
+                      </div>
+                    )}
+                  </td>
+                </tr>
+              );
+            })}
+          </tbody>
+        </table>
+      </div>
+
+      {/* Edit modal */}
+      <Modal
+        open={!!editModal}
+        onClose={() => setEditModal(null)}
+        title={`Edit Square ${editModal?.position}`}
+      >
+        {editModal && (
+          <div className="space-y-4">
+            <Input
+              id="editName"
+              label="Name"
+              value={editModal.guestName || ''}
+              onChange={(e) => {
+                setEditModal({ ...editModal, guestName: e.target.value });
+              }}
+            />
+            <Input
+              id="editEmail"
+              label="Email"
+              value={editModal.guestEmail || ''}
+              onChange={(e) => {
+                setEditModal({ ...editModal, guestEmail: e.target.value });
+              }}
+            />
+            <Input
+              id="editNotes"
+              label="Notes"
+              value={editModal.notes || ''}
+              onChange={(e) => {
+                setEditModal({ ...editModal, notes: e.target.value });
+              }}
+            />
+            <div className="flex gap-3">
+              <Button
+                variant="secondary"
+                onClick={() => setEditModal(null)}
+                className="flex-1"
+              >
+                Cancel
+              </Button>
+              <Button
+                onClick={() => {
+                  handleAction(editModal.position, 'edit', {
+                    guestName: editModal.guestName,
+                    guestEmail: editModal.guestEmail,
+                    notes: editModal.notes,
+                  });
+                  setEditModal(null);
+                }}
+                className="flex-1"
+              >
+                Save
+              </Button>
+            </div>
+          </div>
+        )}
+      </Modal>
+
+      {/* Reserve modal */}
+      <Modal
+        open={reserveModal}
+        onClose={() => setReserveModal(false)}
+        title="Reserve Squares"
+      >
+        <div className="space-y-4">
+          <Input
+            id="reservePosition"
+            label="Positions"
+            value={reservePosition}
+            onChange={(e) => setReservePosition(e.target.value)}
+            placeholder="e.g. 20-35 or 40,41,35,25"
+          />
+          <p className="text-xs text-gray-500 -mt-2">
+            Supports ranges (20-35) and comma-separated (40,41,35)
+          </p>
+          <Input
+            id="reserveName"
+            label="Name"
+            value={reserveName}
+            onChange={(e) => setReserveName(e.target.value)}
+          />
+          <Input
+            id="reserveEmail"
+            label="Email (optional)"
+            value={reserveEmail}
+            onChange={(e) => setReserveEmail(e.target.value)}
+          />
+          <div className="flex gap-3">
+            <Button variant="secondary" onClick={() => setReserveModal(false)} className="flex-1">
+              Cancel
+            </Button>
+            <Button
+              onClick={handleBulkReserve}
+              className="flex-1"
+            >
+              Reserve
+            </Button>
+          </div>
+        </div>
+      </Modal>
+    </div>
+  );
+}
diff --git a/src/app/admin/users/page.tsx b/src/app/admin/users/page.tsx
new file mode 100644
index 0000000..01df4c7
--- /dev/null
+++ b/src/app/admin/users/page.tsx
@@ -0,0 +1,172 @@
+'use client';
+
+import { useState, useEffect } from 'react';
+import { Button } from '@/components/ui/Button';
+import { Modal } from '@/components/ui/Modal';
+import { Input } from '@/components/ui/Input';
+
+interface User {
+  id: string;
+  name: string;
+  email: string;
+  role: string;
+  createdAt: string;
+  _count: { squares: number };
+}
+
+export default function UsersPage() {
+  const [users, setUsers] = useState<User[]>([]);
+  const [loading, setLoading] = useState(true);
+  const [createModal, setCreateModal] = useState(false);
+  const [newName, setNewName] = useState('');
+  const [newEmail, setNewEmail] = useState('');
+  const [newPassword, setNewPassword] = useState('');
+  const [newRole, setNewRole] = useState('PLAYER');
+  const [error, setError] = useState('');
+
+  const fetchUsers = () => {
+    fetch('/api/users')
+      .then((res) => res.json())
+      .then(setUsers)
+      .finally(() => setLoading(false));
+  };
+
+  useEffect(() => {
+    fetchUsers();
+  }, []);
+
+  const handleCreateUser = async () => {
+    setError('');
+    try {
+      const res = await fetch('/api/users', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          name: newName,
+          email: newEmail,
+          password: newPassword,
+          role: newRole,
+        }),
+      });
+
+      if (!res.ok) {
+        const data = await res.json();
+        throw new Error(data.error || 'Failed');
+      }
+
+      setCreateModal(false);
+      setNewName('');
+      setNewEmail('');
+      setNewPassword('');
+      setNewRole('PLAYER');
+      fetchUsers();
+    } catch (err: any) {
+      setError(err.message);
+    }
+  };
+
+  const handleChangeRole = async (userId: string, role: string) => {
+    await fetch(`/api/users/${userId}`, {
+      method: 'PATCH',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({ role }),
+    });
+    fetchUsers();
+  };
+
+  const handleDelete = async (userId: string) => {
+    if (!confirm('Are you sure you want to delete this user?')) return;
+    await fetch(`/api/users/${userId}`, { method: 'DELETE' });
+    fetchUsers();
+  };
+
+  if (loading) return <p className="text-gray-400">Loading...</p>;
+
+  return (
+    <div>
+      <div className="flex items-center justify-between mb-6">
+        <h1 className="text-2xl font-bold">User Management</h1>
+        <Button onClick={() => setCreateModal(true)}>Create User</Button>
+      </div>
+
+      <div className="overflow-x-auto">
+        <table className="w-full text-sm">
+          <thead>
+            <tr className="text-left text-gray-400 border-b border-gray-800">
+              <th className="pb-2 pr-4">Name</th>
+              <th className="pb-2 pr-4">Email</th>
+              <th className="pb-2 pr-4">Role</th>
+              <th className="pb-2 pr-4">Squares</th>
+              <th className="pb-2 pr-4">Joined</th>
+              <th className="pb-2">Actions</th>
+            </tr>
+          </thead>
+          <tbody>
+            {users.map((user) => (
+              <tr key={user.id} className="border-b border-gray-800/50 hover:bg-gray-900/50">
+                <td className="py-2 pr-4 font-medium">{user.name}</td>
+                <td className="py-2 pr-4 text-gray-400">{user.email}</td>
+                <td className="py-2 pr-4">
+                  <select
+                    value={user.role}
+                    onChange={(e) => handleChangeRole(user.id, e.target.value)}
+                    className="bg-gray-800 border border-gray-700 rounded px-2 py-1 text-xs"
+                  >
+                    <option value="ADMIN">Admin</option>
+                    <option value="VIEWER">Viewer</option>
+                    <option value="PLAYER">Player</option>
+                  </select>
+                </td>
+                <td className="py-2 pr-4">{user._count.squares}</td>
+                <td className="py-2 pr-4 text-gray-400">
+                  {new Date(user.createdAt).toLocaleDateString()}
+                </td>
+                <td className="py-2">
+                  <button
+                    onClick={() => handleDelete(user.id)}
+                    className="text-xs bg-red-800 hover:bg-red-700 px-2 py-1 rounded"
+                  >
+                    Delete
+                  </button>
+                </td>
+              </tr>
+            ))}
+          </tbody>
+        </table>
+      </div>
+
+      <Modal open={createModal} onClose={() => setCreateModal(false)} title="Create User">
+        <div className="space-y-4">
+          {error && (
+            <div className="bg-red-900/50 border border-red-700 rounded-lg px-4 py-2 text-sm text-red-300">
+              {error}
+            </div>
+          )}
+          <Input id="newName" label="Name" value={newName} onChange={(e) => setNewName(e.target.value)} />
+          <Input id="newEmail" label="Email" type="email" value={newEmail} onChange={(e) => setNewEmail(e.target.value)} />
+          <Input id="newPassword" label="Password" type="password" value={newPassword} onChange={(e) => setNewPassword(e.target.value)} placeholder="Min 8 characters" />
+          <div className="space-y-1">
+            <label className="block text-sm font-medium text-gray-300">Role</label>
+            <select
+              value={newRole}
+              onChange={(e) => setNewRole(e.target.value)}
+              className="input-field"
+            >
+              <option value="PLAYER">Player</option>
+              <option value="VIEWER">Viewer</option>
+              <option value="ADMIN">Admin</option>
+            </select>
+          </div>
+          <div className="flex gap-3">
+            <Button variant="secondary" onClick={() => setCreateModal(false)} className="flex-1">
+              Cancel
+            </Button>
+            <Button onClick={handleCreateUser} className="flex-1">
+              Create
+            </Button>
+          </div>
+        </div>
+      </Modal>
+    </div>
+  );
+}
diff --git a/src/app/api/auth/[...nextauth]/route.ts b/src/app/api/auth/[...nextauth]/route.ts
new file mode 100644
index 0000000..bf195af
--- /dev/null
+++ b/src/app/api/auth/[...nextauth]/route.ts
@@ -0,0 +1,6 @@
+import NextAuth from 'next-auth';
+import { authOptions } from '@/lib/auth';
+
+const handler = NextAuth(authOptions);
+
+export { handler as GET, handler as POST };
diff --git a/src/app/api/backup/route.ts b/src/app/api/backup/route.ts
new file mode 100644
index 0000000..27be2eb
--- /dev/null
+++ b/src/app/api/backup/route.ts
@@ -0,0 +1,244 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { prisma } from '@/lib/prisma';
+import { authOptions } from '@/lib/auth';
+
+// Export backup
+export async function GET(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const { searchParams } = new URL(request.url);
+    const type = searchParams.get('type') || 'config';
+
+    const backup: any = {
+      version: '1.0',
+      type,
+      exportedAt: new Date().toISOString(),
+    };
+
+    // Config data (always included)
+    backup.gameSettings = await prisma.gameSettings.findUnique({
+      where: { id: 'singleton' },
+      include: { paymentMethods: true },
+    });
+
+    backup.emailSettings = await prisma.emailSettings.findUnique({
+      where: { id: 'singleton' },
+    });
+
+    backup.emailTemplates = await prisma.emailTemplate.findMany();
+
+    if (type === 'full') {
+      backup.squares = await prisma.square.findMany({
+        include: { user: { select: { name: true, email: true } } },
+      });
+
+      backup.gridNumbers = await prisma.gridNumber.findMany();
+
+      backup.scores = await prisma.score.findUnique({
+        where: { id: 'singleton' },
+      });
+
+      backup.chatMessages = await prisma.chatMessage.findMany({
+        include: { user: { select: { name: true } } },
+      });
+
+      backup.chatBlacklist = await prisma.chatBlacklist.findMany();
+
+      // Users without passwords
+      backup.users = await prisma.user.findMany({
+        select: {
+          id: true,
+          name: true,
+          email: true,
+          role: true,
+          createdAt: true,
+        },
+      });
+    }
+
+    return NextResponse.json(backup);
+  } catch {
+    return NextResponse.json({ error: 'Export failed' }, { status: 500 });
+  }
+}
+
+// Restore backup
+export async function POST(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const backup = await request.json();
+
+    if (!backup.version || !backup.type) {
+      return NextResponse.json({ error: 'Invalid backup format' }, { status: 400 });
+    }
+
+    // Restore game settings
+    if (backup.gameSettings) {
+      const { paymentMethods, ...settingsData } = backup.gameSettings;
+
+      await prisma.gameSettings.upsert({
+        where: { id: 'singleton' },
+        update: {
+          title: settingsData.title,
+          commissioner: settingsData.commissioner,
+          eventName: settingsData.eventName,
+          eventDate: settingsData.eventDate,
+          eventTime: settingsData.eventTime,
+          sbLogo: settingsData.sbLogo,
+          nfcTeam: settingsData.nfcTeam,
+          nfcLogo: settingsData.nfcLogo,
+          afcTeam: settingsData.afcTeam,
+          afcLogo: settingsData.afcLogo,
+          betAmount: settingsData.betAmount,
+          winFirstPct: settingsData.winFirstPct,
+          winSecondPct: settingsData.winSecondPct,
+          winThirdPct: settingsData.winThirdPct,
+          winFinalPct: settingsData.winFinalPct,
+          donationPct: settingsData.donationPct,
+          graceHours: settingsData.graceHours,
+          rulesText: settingsData.rulesText,
+        },
+        create: { id: 'singleton', ...settingsData },
+      });
+
+      if (paymentMethods) {
+        await prisma.paymentMethod.deleteMany({
+          where: { gameSettingsId: 'singleton' },
+        });
+
+        for (const pm of paymentMethods) {
+          await prisma.paymentMethod.create({
+            data: {
+              gameSettingsId: 'singleton',
+              type: pm.type,
+              value: pm.value,
+              enabled: pm.enabled ?? true,
+            },
+          });
+        }
+      }
+    }
+
+    // Restore email settings
+    if (backup.emailSettings) {
+      const es = backup.emailSettings;
+      await prisma.emailSettings.upsert({
+        where: { id: 'singleton' },
+        update: {
+          smtpHost: es.smtpHost,
+          smtpPort: es.smtpPort,
+          smtpUser: es.smtpUser,
+          smtpPass: es.smtpPass,
+          useSsl: es.useSsl,
+          fromEmail: es.fromEmail,
+          fromName: es.fromName,
+        },
+        create: { id: 'singleton', ...es },
+      });
+    }
+
+    // Restore email templates
+    if (backup.emailTemplates) {
+      for (const tmpl of backup.emailTemplates) {
+        await prisma.emailTemplate.upsert({
+          where: { name: tmpl.name },
+          update: { subject: tmpl.subject, body: tmpl.body },
+          create: { name: tmpl.name, subject: tmpl.subject, body: tmpl.body },
+        });
+      }
+    }
+
+    // Full backup restoration
+    if (backup.type === 'full') {
+      // Restore squares
+      if (backup.squares) {
+        for (const sq of backup.squares) {
+          await prisma.square.upsert({
+            where: { position: sq.position },
+            update: {
+              guestName: sq.guestName,
+              guestEmail: sq.guestEmail,
+              notes: sq.notes,
+              confirmed: sq.confirmed,
+              signupDate: sq.signupDate ? new Date(sq.signupDate) : null,
+              firstWin: sq.firstWin,
+              halfWin: sq.halfWin,
+              thirdWin: sq.thirdWin,
+              finalWin: sq.finalWin,
+            },
+            create: {
+              position: sq.position,
+              guestName: sq.guestName,
+              guestEmail: sq.guestEmail,
+              notes: sq.notes,
+              confirmed: sq.confirmed,
+              signupDate: sq.signupDate ? new Date(sq.signupDate) : null,
+              firstWin: sq.firstWin,
+              halfWin: sq.halfWin,
+              thirdWin: sq.thirdWin,
+              finalWin: sq.finalWin,
+            },
+          });
+        }
+      }
+
+      // Restore grid numbers
+      if (backup.gridNumbers) {
+        await prisma.gridNumber.deleteMany();
+        for (const gn of backup.gridNumbers) {
+          await prisma.gridNumber.create({
+            data: {
+              position: gn.position,
+              nfcNumber: gn.nfcNumber,
+              afcNumber: gn.afcNumber,
+            },
+          });
+        }
+      }
+
+      // Restore scores
+      if (backup.scores) {
+        const s = backup.scores;
+        await prisma.score.upsert({
+          where: { id: 'singleton' },
+          update: {
+            nfcFirst: s.nfcFirst,
+            afcFirst: s.afcFirst,
+            nfcHalf: s.nfcHalf,
+            afcHalf: s.afcHalf,
+            nfcThird: s.nfcThird,
+            afcThird: s.afcThird,
+            nfcFinal: s.nfcFinal,
+            afcFinal: s.afcFinal,
+          },
+          create: { id: 'singleton', ...s },
+        });
+      }
+
+      // Restore chat blacklist
+      if (backup.chatBlacklist) {
+        for (const bl of backup.chatBlacklist) {
+          await prisma.chatBlacklist.upsert({
+            where: { word: bl.word },
+            update: {},
+            create: { word: bl.word },
+          });
+        }
+      }
+    }
+
+    return NextResponse.json({ success: true });
+  } catch (error) {
+    console.error('Restore error:', error);
+    return NextResponse.json({ error: 'Restore failed' }, { status: 500 });
+  }
+}
diff --git a/src/app/api/chat/route.ts b/src/app/api/chat/route.ts
new file mode 100644
index 0000000..aa2f034
--- /dev/null
+++ b/src/app/api/chat/route.ts
@@ -0,0 +1,104 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { prisma } from '@/lib/prisma';
+import { authOptions } from '@/lib/auth';
+
+export async function GET(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
+    const role = (session.user as any).role;
+    if (role !== 'ADMIN' && role !== 'VIEWER') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const { searchParams } = new URL(request.url);
+    const type = searchParams.get('type');
+
+    if (type === 'blacklist') {
+      const words = await prisma.chatBlacklist.findMany({
+        orderBy: { word: 'asc' },
+      });
+      return NextResponse.json({ words });
+    }
+
+    // Default: get messages
+    const messages = await prisma.chatMessage.findMany({
+      orderBy: { createdAt: 'desc' },
+      take: 200,
+      include: { user: { select: { name: true } } },
+    });
+
+    return NextResponse.json({ messages });
+  } catch {
+    return NextResponse.json({ error: 'Failed to fetch' }, { status: 500 });
+  }
+}
+
+// Add blacklist word
+export async function POST(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
+    const role = (session.user as any).role;
+    if (role !== 'ADMIN' && role !== 'VIEWER') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const body = await request.json();
+
+    if (body.type === 'blacklist' && body.word) {
+      await prisma.chatBlacklist.create({
+        data: { word: body.word.toLowerCase() },
+      });
+      return NextResponse.json({ success: true });
+    }
+
+    return NextResponse.json({ error: 'Invalid request' }, { status: 400 });
+  } catch (error: any) {
+    if (error.code === 'P2002') {
+      return NextResponse.json({ error: 'Word already blacklisted' }, { status: 400 });
+    }
+    return NextResponse.json({ error: 'Failed' }, { status: 500 });
+  }
+}
+
+// Delete message or blacklist word
+export async function DELETE(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
+    const role = (session.user as any).role;
+    if (role !== 'ADMIN' && role !== 'VIEWER') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const body = await request.json();
+
+    if (body.type === 'blacklist' && body.wordId) {
+      await prisma.chatBlacklist.delete({ where: { id: body.wordId } });
+      return NextResponse.json({ success: true });
+    }
+
+    if (body.messageId) {
+      await prisma.chatMessage.update({
+        where: { id: body.messageId },
+        data: { deleted: true },
+      });
+      return NextResponse.json({ success: true });
+    }
+
+    return NextResponse.json({ error: 'Invalid request' }, { status: 400 });
+  } catch {
+    return NextResponse.json({ error: 'Failed' }, { status: 500 });
+  }
+}
diff --git a/src/app/api/email/route.ts b/src/app/api/email/route.ts
new file mode 100644
index 0000000..59222e2
--- /dev/null
+++ b/src/app/api/email/route.ts
@@ -0,0 +1,257 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { prisma } from '@/lib/prisma';
+import { authOptions } from '@/lib/auth';
+import { sendEmail, renderTemplate } from '@/lib/email';
+
+export async function GET(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
+    const role = (session.user as any).role;
+    if (role !== 'ADMIN' && role !== 'VIEWER') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const { searchParams } = new URL(request.url);
+    const type = searchParams.get('type');
+
+    if (type === 'templates') {
+      const templates = await prisma.emailTemplate.findMany({
+        orderBy: { name: 'asc' },
+      });
+      return NextResponse.json(templates);
+    }
+
+    if (type === 'smtp') {
+      const settings = await prisma.emailSettings.findUnique({
+        where: { id: 'singleton' },
+      });
+      return NextResponse.json(settings || {});
+    }
+
+    if (type === 'recipients') {
+      // Get all unique recipients from squares
+      const squares = await prisma.square.findMany({
+        where: {
+          OR: [
+            { userId: { not: null } },
+            { guestEmail: { not: null } },
+          ],
+        },
+        include: { user: { select: { name: true, email: true } } },
+      });
+
+      const recipientMap = new Map<string, { name: string; email: string }>();
+      for (const sq of squares) {
+        const email = sq.user?.email || sq.guestEmail;
+        const name = sq.user?.name || sq.guestName;
+        if (email && name) {
+          recipientMap.set(email, { name, email });
+        }
+      }
+
+      return NextResponse.json(Array.from(recipientMap.values()));
+    }
+
+    return NextResponse.json({ error: 'Invalid type' }, { status: 400 });
+  } catch {
+    return NextResponse.json({ error: 'Failed to fetch' }, { status: 500 });
+  }
+}
+
+// Send emails
+export async function POST(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
+    const role = (session.user as any).role;
+    if (role !== 'ADMIN' && role !== 'VIEWER') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const { recipients, subject, body: emailBody } = body;
+
+    if (!recipients?.length || !subject || !emailBody) {
+      return NextResponse.json({ error: 'Missing required fields' }, { status: 400 });
+    }
+
+    const settings = await prisma.gameSettings.findUnique({
+      where: { id: 'singleton' },
+      include: { paymentMethods: true },
+    }) as any;
+
+    const gameUrl = process.env.NEXTAUTH_URL || 'http://localhost:3000';
+    const enabledPayments = settings?.paymentMethods?.filter((pm: any) => pm.enabled) || [];
+    const paymentMethodsText = enabledPayments.length > 0
+      ? enabledPayments.map((pm: any) => `${pm.type}: ${pm.value}`).join('\n')
+      : 'Contact the commissioner for payment details.';
+
+    // Look up ALL squares (unfiltered) for winner lookup, and filtered for recipient matching
+    const allSquares = await prisma.square.findMany({
+      include: { user: { select: { name: true, email: true } } },
+    });
+
+    // Look up winners for game_results template
+    const scores = await prisma.score.findUnique({ where: { id: 'singleton' } });
+    const gridNumbers = await prisma.gridNumber.findMany({ orderBy: { position: 'asc' } });
+    let winnersText = '';
+    if (scores && gridNumbers.length === 10) {
+      const { findWinnerPosition } = await import('@/lib/utils');
+      const totalPot = (settings?.betAmount || 0) * 100;
+      const quarters = [
+        { key: 'first', nfc: scores.nfcFirst, afc: scores.afcFirst, label: 'Q1', pct: settings?.winFirstPct || 20 },
+        { key: 'half', nfc: scores.nfcHalf, afc: scores.afcHalf, label: 'Q2 (Half)', pct: settings?.winSecondPct || 20 },
+        { key: 'third', nfc: scores.nfcThird, afc: scores.afcThird, label: 'Q3', pct: settings?.winThirdPct || 20 },
+        { key: 'final', nfc: scores.nfcFinal, afc: scores.afcFinal, label: 'Final', pct: settings?.winFinalPct || 30 },
+      ];
+      const lines: string[] = [];
+      for (const q of quarters) {
+        if (q.nfc !== null && q.afc !== null) {
+          const pos = findWinnerPosition(q.nfc, q.afc, gridNumbers);
+          if (pos) {
+            const sq = allSquares.find((s) => s.position === pos);
+            const winnerName = sq?.user?.name || sq?.guestName || 'Unknown';
+            const prize = (totalPot * q.pct / 100).toFixed(2);
+            lines.push(`${q.label}: ${winnerName} (Square ${pos}) - $${prize}`);
+          }
+        }
+      }
+      winnersText = lines.length > 0 ? lines.join('\n') : 'No winners determined yet.';
+    }
+
+    let sent = 0;
+    for (const recipient of recipients) {
+      // Find this recipient's squares
+      const recipientSquares = allSquares.filter(
+        (s) => (s.user?.email === recipient.email) || (s.guestEmail === recipient.email)
+      );
+      const positions = recipientSquares.map((s) => s.position);
+      const amountDue = ((settings?.betAmount || 10) * positions.length).toFixed(2);
+
+      const variables: Record<string, string> = {
+        name: recipient.name,
+        email: recipient.email,
+        squares: positions.join(', ') || 'None',
+        amountDue,
+        commissioner: settings?.commissioner || '',
+        eventName: settings?.eventName || '',
+        gameUrl,
+        graceHours: String(settings?.graceHours || 48),
+        paymentInstructions: settings?.paymentInstructions || '',
+        paymentMethods: paymentMethodsText,
+        winners: winnersText,
+        rulesText: settings?.rulesText || '',
+      };
+
+      const renderedSubject = renderTemplate(subject, variables);
+      const renderedBody = renderTemplate(emailBody, variables);
+
+      try {
+        await sendEmail(recipient.email, renderedSubject, renderedBody);
+        sent++;
+      } catch (err) {
+        console.error(`Failed to send to ${recipient.email}:`, err);
+      }
+    }
+
+    return NextResponse.json({ sent });
+  } catch (err: any) {
+    return NextResponse.json({ error: err.message || 'Send failed' }, { status: 500 });
+  }
+}
+
+// Send test email
+export async function PATCH(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const { to } = body;
+
+    if (!to) {
+      return NextResponse.json({ error: 'Recipient email required' }, { status: 400 });
+    }
+
+    await sendEmail(to, 'Super Bowl Squares - Test Email', 'This is a test email from your Super Bowl Squares app. If you received this, your SMTP settings are configured correctly!');
+    return NextResponse.json({ success: true });
+  } catch (err: any) {
+    return NextResponse.json({ error: err.message || 'Test email failed' }, { status: 500 });
+  }
+}
+
+// Update templates or SMTP settings
+export async function PUT(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const body = await request.json();
+
+    if (body.type === 'smtp') {
+      await prisma.emailSettings.upsert({
+        where: { id: 'singleton' },
+        update: {
+          smtpHost: body.smtpHost,
+          smtpPort: body.smtpPort,
+          smtpUser: body.smtpUser,
+          smtpPass: body.smtpPass,
+          useSsl: body.useSsl,
+          fromEmail: body.fromEmail,
+          fromName: body.fromName,
+        },
+        create: {
+          id: 'singleton',
+          smtpHost: body.smtpHost,
+          smtpPort: body.smtpPort,
+          smtpUser: body.smtpUser,
+          smtpPass: body.smtpPass,
+          useSsl: body.useSsl,
+          fromEmail: body.fromEmail,
+          fromName: body.fromName,
+        },
+      });
+
+      return NextResponse.json({ success: true });
+    }
+
+    if (body.type === 'template') {
+      if (body.id) {
+        await prisma.emailTemplate.update({
+          where: { id: body.id },
+          data: {
+            name: body.name,
+            subject: body.subject,
+            body: body.templateBody,
+          },
+        });
+      } else {
+        await prisma.emailTemplate.create({
+          data: {
+            name: body.name,
+            subject: body.subject,
+            body: body.templateBody,
+          },
+        });
+      }
+
+      return NextResponse.json({ success: true });
+    }
+
+    return NextResponse.json({ error: 'Invalid type' }, { status: 400 });
+  } catch {
+    return NextResponse.json({ error: 'Save failed' }, { status: 500 });
+  }
+}
diff --git a/src/app/api/numbers/route.ts b/src/app/api/numbers/route.ts
new file mode 100644
index 0000000..100a879
--- /dev/null
+++ b/src/app/api/numbers/route.ts
@@ -0,0 +1,69 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { prisma } from '@/lib/prisma';
+import { authOptions } from '@/lib/auth';
+import { generateShuffledNumbers } from '@/lib/utils';
+import { sendNumbersAssignedEmails } from '@/lib/autoEmail';
+
+export async function GET() {
+  try {
+    const gridNumbers = await prisma.gridNumber.findMany({
+      orderBy: { position: 'asc' },
+    });
+
+    return NextResponse.json({ gridNumbers });
+  } catch {
+    return NextResponse.json({ error: 'Failed to fetch numbers' }, { status: 500 });
+  }
+}
+
+export async function POST() {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    // Check if numbers already exist
+    const existing = await prisma.gridNumber.count();
+    if (existing > 0) {
+      return NextResponse.json(
+        { error: 'Numbers have already been generated' },
+        { status: 400 }
+      );
+    }
+
+    // Check all 100 squares are claimed
+    const squares = await prisma.square.findMany();
+    const claimed = squares.filter((s) => s.userId || s.guestName).length;
+    if (claimed < 100) {
+      return NextResponse.json(
+        { error: `Only ${claimed}/100 squares are filled. All must be filled first.` },
+        { status: 400 }
+      );
+    }
+
+    // Generate shuffled numbers
+    const nfcNumbers = generateShuffledNumbers();
+    const afcNumbers = generateShuffledNumbers();
+
+    const gridNumbers = [];
+    for (let i = 0; i < 10; i++) {
+      const gn = await prisma.gridNumber.create({
+        data: {
+          position: i,
+          nfcNumber: nfcNumbers[i],
+          afcNumber: afcNumbers[i],
+        },
+      });
+      gridNumbers.push(gn);
+    }
+
+    // Send numbers assigned emails to all participants
+    sendNumbersAssignedEmails();
+
+    return NextResponse.json({ gridNumbers });
+  } catch {
+    return NextResponse.json({ error: 'Failed to generate numbers' }, { status: 500 });
+  }
+}
diff --git a/src/app/api/scores/route.ts b/src/app/api/scores/route.ts
new file mode 100644
index 0000000..1406ae5
--- /dev/null
+++ b/src/app/api/scores/route.ts
@@ -0,0 +1,113 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { prisma } from '@/lib/prisma';
+import { authOptions } from '@/lib/auth';
+import { findWinnerPosition } from '@/lib/utils';
+import { sendGameResultsEmails } from '@/lib/autoEmail';
+
+export async function GET() {
+  try {
+    const scores = await prisma.score.findUnique({
+      where: { id: 'singleton' },
+    });
+
+    const gridNumbers = await prisma.gridNumber.findMany({
+      orderBy: { position: 'asc' },
+    });
+
+    let winners = null;
+    if (scores && gridNumbers.length === 10) {
+      winners = await calculateWinners(scores, gridNumbers);
+    }
+
+    return NextResponse.json({ scores, winners });
+  } catch {
+    return NextResponse.json({ error: 'Failed to fetch scores' }, { status: 500 });
+  }
+}
+
+export async function PUT(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
+    const role = (session.user as any).role;
+    if (role !== 'ADMIN' && role !== 'VIEWER') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const body = await request.json();
+
+    const scores = await prisma.score.upsert({
+      where: { id: 'singleton' },
+      update: body,
+      create: { id: 'singleton', ...body },
+    });
+
+    // Calculate and mark winners
+    const gridNumbers = await prisma.gridNumber.findMany({
+      orderBy: { position: 'asc' },
+    });
+
+    let winners = null;
+    if (gridNumbers.length === 10) {
+      // Reset all wins first
+      await prisma.square.updateMany({
+        data: { firstWin: false, halfWin: false, thirdWin: false, finalWin: false },
+      });
+
+      winners = await calculateWinners(scores, gridNumbers);
+
+      // Send game results email when final scores are entered
+      if (body.nfcFinal !== undefined && body.afcFinal !== undefined && winners) {
+        sendGameResultsEmails(winners);
+      }
+    }
+
+    return NextResponse.json({ scores, winners });
+  } catch {
+    return NextResponse.json({ error: 'Failed to save scores' }, { status: 500 });
+  }
+}
+
+async function calculateWinners(
+  scores: any,
+  gridNumbers: { position: number; nfcNumber: number; afcNumber: number }[]
+) {
+  const winners: any = {};
+
+  const quarters = [
+    { key: 'first', nfc: scores.nfcFirst, afc: scores.afcFirst, field: 'firstWin' },
+    { key: 'half', nfc: scores.nfcHalf, afc: scores.afcHalf, field: 'halfWin' },
+    { key: 'third', nfc: scores.nfcThird, afc: scores.afcThird, field: 'thirdWin' },
+    { key: 'final', nfc: scores.nfcFinal, afc: scores.afcFinal, field: 'finalWin' },
+  ];
+
+  for (const q of quarters) {
+    if (q.nfc !== null && q.afc !== null) {
+      const pos = findWinnerPosition(q.nfc, q.afc, gridNumbers);
+      if (pos) {
+        const square = await prisma.square.findUnique({
+          where: { position: pos },
+          include: { user: { select: { name: true } } },
+        });
+
+        if (square) {
+          await prisma.square.update({
+            where: { position: pos },
+            data: { [q.field]: true },
+          });
+
+          winners[q.key] = {
+            position: pos,
+            name: square.user?.name || square.guestName || 'Unknown',
+          };
+        }
+      }
+    }
+  }
+
+  return winners;
+}
diff --git a/src/app/api/settings/route.ts b/src/app/api/settings/route.ts
new file mode 100644
index 0000000..1221df8
--- /dev/null
+++ b/src/app/api/settings/route.ts
@@ -0,0 +1,60 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { prisma } from '@/lib/prisma';
+import { authOptions } from '@/lib/auth';
+
+export async function GET() {
+  try {
+    const settings = await prisma.gameSettings.findUnique({
+      where: { id: 'singleton' },
+      include: { paymentMethods: true },
+    });
+
+    return NextResponse.json(settings || {});
+  } catch {
+    return NextResponse.json({ error: 'Failed to fetch settings' }, { status: 500 });
+  }
+}
+
+export async function PUT(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const { paymentMethods, ...settingsData } = body;
+
+    // Update settings
+    await prisma.gameSettings.upsert({
+      where: { id: 'singleton' },
+      update: settingsData,
+      create: { id: 'singleton', ...settingsData },
+    });
+
+    // Update payment methods
+    if (paymentMethods) {
+      // Delete existing
+      await prisma.paymentMethod.deleteMany({
+        where: { gameSettingsId: 'singleton' },
+      });
+
+      // Create new
+      for (const pm of paymentMethods) {
+        await prisma.paymentMethod.create({
+          data: {
+            gameSettingsId: 'singleton',
+            type: pm.type,
+            value: pm.value,
+            enabled: pm.enabled ?? true,
+          },
+        });
+      }
+    }
+
+    return NextResponse.json({ success: true });
+  } catch {
+    return NextResponse.json({ error: 'Failed to save settings' }, { status: 500 });
+  }
+}
diff --git a/src/app/api/setup/route.ts b/src/app/api/setup/route.ts
new file mode 100644
index 0000000..06cac48
--- /dev/null
+++ b/src/app/api/setup/route.ts
@@ -0,0 +1,108 @@
+import { NextResponse } from 'next/server';
+import { hash } from 'bcryptjs';
+import { prisma } from '@/lib/prisma';
+
+export async function POST(request: Request) {
+  try {
+    // Check if any admin already exists
+    const existingAdmin = await prisma.user.findFirst({
+      where: { role: 'ADMIN' },
+    });
+
+    if (existingAdmin) {
+      return NextResponse.json(
+        { error: 'Setup has already been completed' },
+        { status: 400 }
+      );
+    }
+
+    const body = await request.json();
+    const { admin, settings } = body;
+
+    if (!admin?.name || !admin?.email || !admin?.password) {
+      return NextResponse.json(
+        { error: 'Admin name, email, and password are required' },
+        { status: 400 }
+      );
+    }
+
+    if (admin.password.length < 8) {
+      return NextResponse.json(
+        { error: 'Password must be at least 8 characters' },
+        { status: 400 }
+      );
+    }
+
+    const passwordHash = await hash(admin.password, 12);
+
+    // Create admin user
+    await prisma.user.create({
+      data: {
+        name: admin.name,
+        email: admin.email,
+        passwordHash,
+        role: 'ADMIN',
+      },
+    });
+
+    // Update game settings
+    if (settings) {
+      await prisma.gameSettings.upsert({
+        where: { id: 'singleton' },
+        update: {
+          title: settings.title || 'Super Bowl Squares',
+          commissioner: settings.commissioner || '',
+          eventName: settings.eventName || 'Super Bowl',
+          betAmount: settings.betAmount || 10,
+        },
+        create: {
+          id: 'singleton',
+          title: settings.title || 'Super Bowl Squares',
+          commissioner: settings.commissioner || '',
+          eventName: settings.eventName || 'Super Bowl',
+          betAmount: settings.betAmount || 10,
+        },
+      });
+    }
+
+    // Ensure 100 squares exist
+    for (let row = 0; row < 10; row++) {
+      for (let col = 0; col < 10; col++) {
+        const position = `${row}${col}`;
+        await prisma.square.upsert({
+          where: { position },
+          update: {},
+          create: { position },
+        });
+      }
+    }
+
+    // Ensure score row exists
+    await prisma.score.upsert({
+      where: { id: 'singleton' },
+      update: {},
+      create: { id: 'singleton' },
+    });
+
+    // Ensure email settings exist
+    await prisma.emailSettings.upsert({
+      where: { id: 'singleton' },
+      update: {},
+      create: { id: 'singleton' },
+    });
+
+    return NextResponse.json({ success: true });
+  } catch (error: any) {
+    console.error('Setup error:', error);
+    if (error.code === 'P2002') {
+      return NextResponse.json(
+        { error: 'An account with this email already exists' },
+        { status: 400 }
+      );
+    }
+    return NextResponse.json(
+      { error: 'Setup failed' },
+      { status: 500 }
+    );
+  }
+}
diff --git a/src/app/api/squares/route.ts b/src/app/api/squares/route.ts
new file mode 100644
index 0000000..c1cea88
--- /dev/null
+++ b/src/app/api/squares/route.ts
@@ -0,0 +1,220 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { prisma } from '@/lib/prisma';
+import { authOptions } from '@/lib/auth';
+import { sendPurchaseConfirmationEmail, sendSquareConfirmedEmail, sendSquareReleasedEmail } from '@/lib/autoEmail';
+
+// Get all squares
+export async function GET() {
+  try {
+    const squares = await prisma.square.findMany({
+      include: { user: { select: { name: true, id: true, email: true } } },
+      orderBy: { position: 'asc' },
+    });
+
+    return NextResponse.json(squares);
+  } catch {
+    return NextResponse.json({ error: 'Failed to fetch squares' }, { status: 500 });
+  }
+}
+
+// Purchase squares (guest or authenticated player)
+export async function POST(request: Request) {
+  try {
+    const body = await request.json();
+    const { positions, guestName, guestEmail, notes } = body;
+
+    if (!positions || !Array.isArray(positions) || positions.length === 0) {
+      return NextResponse.json({ error: 'No squares selected' }, { status: 400 });
+    }
+
+    if (positions.length > 10) {
+      return NextResponse.json(
+        { error: 'Maximum 10 squares per submission' },
+        { status: 400 }
+      );
+    }
+
+    const session = await getServerSession(authOptions);
+
+    // Guest purchases require name and email
+    if (!session && (!guestName || !guestEmail)) {
+      return NextResponse.json(
+        { error: 'Name and email are required for guest purchases' },
+        { status: 400 }
+      );
+    }
+
+    // Check all selected squares are available
+    const existingSquares = await prisma.square.findMany({
+      where: {
+        position: { in: positions },
+      },
+    });
+
+    const unavailable = existingSquares.filter(
+      (s) => s.userId || s.guestName
+    );
+
+    if (unavailable.length > 0) {
+      return NextResponse.json(
+        {
+          error: `Squares already taken: ${unavailable.map((s) => s.position).join(', ')}`,
+        },
+        { status: 400 }
+      );
+    }
+
+    // Purchase the squares
+    const now = new Date();
+    for (const position of positions) {
+      await prisma.square.update({
+        where: { position },
+        data: {
+          userId: session ? (session.user as any).id : null,
+          guestName: session ? null : guestName,
+          guestEmail: session ? null : guestEmail,
+          notes: notes || null,
+          signupDate: now,
+          confirmed: false,
+        },
+      });
+    }
+
+    // Send purchase confirmation email
+    const buyerName = session ? session.user?.name || 'Player' : guestName;
+    const buyerEmail = session ? session.user?.email : guestEmail;
+    if (buyerEmail && buyerName) {
+      sendPurchaseConfirmationEmail(buyerName, buyerEmail, positions);
+    }
+
+    return NextResponse.json({ success: true, count: positions.length });
+  } catch {
+    return NextResponse.json({ error: 'Purchase failed' }, { status: 500 });
+  }
+}
+
+// Admin update square (confirm, release, edit)
+export async function PATCH(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
+    const role = (session.user as any).role;
+    if (role !== 'ADMIN' && role !== 'VIEWER') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const { position, action, guestName, guestEmail, notes } = body;
+
+    if (action === 'bulk-reserve') {
+      const { positions } = body;
+      if (!positions || !Array.isArray(positions) || positions.length === 0) {
+        return NextResponse.json({ error: 'Positions array required' }, { status: 400 });
+      }
+
+      // Validate all positions exist and are available
+      const existingSquares = await prisma.square.findMany({
+        where: { position: { in: positions } },
+      });
+
+      const unavailable = existingSquares.filter((s) => s.userId || s.guestName);
+      if (unavailable.length > 0) {
+        return NextResponse.json(
+          { error: `Squares already taken: ${unavailable.map((s) => s.position).join(', ')}` },
+          { status: 400 }
+        );
+      }
+
+      const now = new Date();
+      for (const pos of positions) {
+        await prisma.square.update({
+          where: { position: pos },
+          data: {
+            guestName: guestName || 'Reserved',
+            guestEmail: guestEmail || null,
+            notes: notes || null,
+            confirmed: true,
+            signupDate: now,
+          },
+        });
+      }
+
+      return NextResponse.json({ success: true, count: positions.length });
+    }
+
+    if (!position) {
+      return NextResponse.json({ error: 'Position required' }, { status: 400 });
+    }
+
+    const square = await prisma.square.findUnique({
+      where: { position },
+      include: { user: { select: { name: true, email: true } } },
+    });
+    if (!square) {
+      return NextResponse.json({ error: 'Square not found' }, { status: 404 });
+    }
+
+    if (action === 'confirm') {
+      await prisma.square.update({
+        where: { position },
+        data: { confirmed: true },
+      });
+      sendSquareConfirmedEmail(position);
+    } else if (action === 'release') {
+      // Capture info before clearing
+      const releaseName = square.user?.name || square.guestName;
+      const releaseEmail = square.user?.email || square.guestEmail;
+
+      await prisma.square.update({
+        where: { position },
+        data: {
+          userId: null,
+          guestName: null,
+          guestEmail: null,
+          notes: null,
+          confirmed: false,
+          signupDate: null,
+          firstWin: false,
+          halfWin: false,
+          thirdWin: false,
+          finalWin: false,
+          reminderSent: false,
+        },
+      });
+
+      if (releaseName && releaseEmail) {
+        sendSquareReleasedEmail(releaseName, releaseEmail, position);
+      }
+    } else if (action === 'reserve') {
+      await prisma.square.update({
+        where: { position },
+        data: {
+          guestName: guestName || 'Reserved',
+          guestEmail: guestEmail || null,
+          notes: notes || null,
+          confirmed: true,
+          signupDate: new Date(),
+        },
+      });
+    } else if (action === 'edit') {
+      await prisma.square.update({
+        where: { position },
+        data: {
+          guestName: guestName !== undefined ? guestName : undefined,
+          guestEmail: guestEmail !== undefined ? guestEmail : undefined,
+          notes: notes !== undefined ? notes : undefined,
+        },
+      });
+    } else {
+      return NextResponse.json({ error: 'Invalid action' }, { status: 400 });
+    }
+
+    return NextResponse.json({ success: true });
+  } catch {
+    return NextResponse.json({ error: 'Update failed' }, { status: 500 });
+  }
+}
diff --git a/src/app/api/upload/route.ts b/src/app/api/upload/route.ts
new file mode 100644
index 0000000..f236fe9
--- /dev/null
+++ b/src/app/api/upload/route.ts
@@ -0,0 +1,86 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { authOptions } from '@/lib/auth';
+import { writeFile, readdir } from 'fs/promises';
+import path from 'path';
+import { existsSync } from 'fs';
+
+const UPLOADS_DIR = path.join(process.cwd(), 'public', 'uploads');
+const IMAGES_DIR = path.join(process.cwd(), 'public', 'images');
+
+const ALLOWED_TYPES = ['image/png', 'image/jpeg', 'image/gif', 'image/webp', 'image/svg+xml'];
+const MAX_SIZE = 5 * 1024 * 1024; // 5MB
+
+export async function POST(request: Request) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const formData = await request.formData();
+    const file = formData.get('file') as File | null;
+
+    if (!file) {
+      return NextResponse.json({ error: 'No file provided' }, { status: 400 });
+    }
+
+    if (!ALLOWED_TYPES.includes(file.type)) {
+      return NextResponse.json({ error: 'Invalid file type. Allowed: PNG, JPEG, GIF, WebP, SVG' }, { status: 400 });
+    }
+
+    if (file.size > MAX_SIZE) {
+      return NextResponse.json({ error: 'File too large. Max 5MB.' }, { status: 400 });
+    }
+
+    // Sanitize filename: keep only alphanumeric, hyphens, underscores, dots
+    const ext = path.extname(file.name).toLowerCase();
+    const baseName = path.basename(file.name, ext).replace(/[^a-zA-Z0-9_-]/g, '_');
+    const timestamp = Date.now();
+    const fileName = `${baseName}_${timestamp}${ext}`;
+
+    const bytes = await file.arrayBuffer();
+    const buffer = Buffer.from(bytes);
+
+    await writeFile(path.join(UPLOADS_DIR, fileName), buffer);
+
+    return NextResponse.json({ url: `/uploads/${fileName}` });
+  } catch {
+    return NextResponse.json({ error: 'Upload failed' }, { status: 500 });
+  }
+}
+
+export async function GET() {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const images: { url: string; name: string; category: string }[] = [];
+
+    // List uploaded images
+    if (existsSync(UPLOADS_DIR)) {
+      const uploads = await readdir(UPLOADS_DIR);
+      for (const file of uploads) {
+        if (/\.(png|jpe?g|gif|webp|svg)$/i.test(file)) {
+          images.push({ url: `/uploads/${file}`, name: file, category: 'uploads' });
+        }
+      }
+    }
+
+    // List stock images
+    if (existsSync(IMAGES_DIR)) {
+      const stock = await readdir(IMAGES_DIR);
+      for (const file of stock) {
+        if (/\.(png|jpe?g|gif|webp|svg)$/i.test(file)) {
+          images.push({ url: `/images/${file}`, name: file, category: 'stock' });
+        }
+      }
+    }
+
+    return NextResponse.json({ images });
+  } catch {
+    return NextResponse.json({ error: 'Failed to list images' }, { status: 500 });
+  }
+}
diff --git a/src/app/api/users/[id]/route.ts b/src/app/api/users/[id]/route.ts
new file mode 100644
index 0000000..ebecf19
--- /dev/null
+++ b/src/app/api/users/[id]/route.ts
@@ -0,0 +1,82 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { hash } from 'bcryptjs';
+import { prisma } from '@/lib/prisma';
+import { authOptions } from '@/lib/auth';
+
+// Update user (admin or self)
+export async function PATCH(
+  request: Request,
+  { params }: { params: { id: string } }
+) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
+    }
+
+    const isAdmin = (session.user as any).role === 'ADMIN';
+    const isSelf = (session.user as any).id === params.id;
+
+    if (!isAdmin && !isSelf) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const body = await request.json();
+    const updateData: any = {};
+
+    // Players can only update their own name and password
+    if (body.name) updateData.name = body.name;
+    if (body.password) {
+      if (body.password.length < 8) {
+        return NextResponse.json(
+          { error: 'Password must be at least 8 characters' },
+          { status: 400 }
+        );
+      }
+      updateData.passwordHash = await hash(body.password, 12);
+    }
+
+    // Only admins can change roles
+    if (body.role && isAdmin) {
+      updateData.role = body.role;
+    }
+
+    const user = await prisma.user.update({
+      where: { id: params.id },
+      data: updateData,
+      select: { id: true, name: true, email: true, role: true },
+    });
+
+    return NextResponse.json(user);
+  } catch {
+    return NextResponse.json({ error: 'Update failed' }, { status: 500 });
+  }
+}
+
+// Delete user (admin only)
+export async function DELETE(
+  _request: Request,
+  { params }: { params: { id: string } }
+) {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    // Don't allow deleting yourself
+    if ((session.user as any).id === params.id) {
+      return NextResponse.json(
+        { error: 'Cannot delete your own account' },
+        { status: 400 }
+      );
+    }
+
+    await prisma.user.delete({ where: { id: params.id } });
+
+    return NextResponse.json({ success: true });
+  } catch {
+    return NextResponse.json({ error: 'Delete failed' }, { status: 500 });
+  }
+}
diff --git a/src/app/api/users/route.ts b/src/app/api/users/route.ts
new file mode 100644
index 0000000..7578d89
--- /dev/null
+++ b/src/app/api/users/route.ts
@@ -0,0 +1,94 @@
+import { NextResponse } from 'next/server';
+import { getServerSession } from 'next-auth';
+import { hash } from 'bcryptjs';
+import { prisma } from '@/lib/prisma';
+import { authOptions } from '@/lib/auth';
+import { sendWelcomeEmail } from '@/lib/autoEmail';
+
+// Register a new player (public) or admin creates user (authenticated)
+export async function POST(request: Request) {
+  try {
+    const body = await request.json();
+    const { name, email, password, role } = body;
+
+    if (!name || !email || !password) {
+      return NextResponse.json(
+        { error: 'Name, email, and password are required' },
+        { status: 400 }
+      );
+    }
+
+    if (password.length < 8) {
+      return NextResponse.json(
+        { error: 'Password must be at least 8 characters' },
+        { status: 400 }
+      );
+    }
+
+    // Only admins can create non-PLAYER accounts
+    const assignedRole = role || 'PLAYER';
+    if (assignedRole !== 'PLAYER') {
+      const session = await getServerSession(authOptions);
+      if (!session || (session.user as any).role !== 'ADMIN') {
+        return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+      }
+    }
+
+    const passwordHash = await hash(password, 12);
+
+    const user = await prisma.user.create({
+      data: {
+        name,
+        email,
+        passwordHash,
+        role: assignedRole,
+      },
+    });
+
+    // Send welcome email for new players
+    if (user.role === 'PLAYER') {
+      sendWelcomeEmail(user.name, user.email);
+    }
+
+    return NextResponse.json({
+      id: user.id,
+      name: user.name,
+      email: user.email,
+      role: user.role,
+    });
+  } catch (error: any) {
+    if (error.code === 'P2002') {
+      return NextResponse.json(
+        { error: 'An account with this email already exists' },
+        { status: 400 }
+      );
+    }
+    return NextResponse.json({ error: 'Registration failed' }, { status: 500 });
+  }
+}
+
+// List all users (admin only)
+export async function GET() {
+  try {
+    const session = await getServerSession(authOptions);
+    if (!session || (session.user as any).role !== 'ADMIN') {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 403 });
+    }
+
+    const users = await prisma.user.findMany({
+      select: {
+        id: true,
+        name: true,
+        email: true,
+        role: true,
+        createdAt: true,
+        _count: { select: { squares: true } },
+      },
+      orderBy: { createdAt: 'desc' },
+    });
+
+    return NextResponse.json(users);
+  } catch {
+    return NextResponse.json({ error: 'Failed to fetch users' }, { status: 500 });
+  }
+}
diff --git a/src/app/globals.css b/src/app/globals.css
new file mode 100644
index 0000000..17f5c23
--- /dev/null
+++ b/src/app/globals.css
@@ -0,0 +1,39 @@
+@tailwind base;
+@tailwind components;
+@tailwind utilities;
+
+@layer base {
+  body {
+    @apply bg-gray-950 text-white antialiased;
+  }
+}
+
+@layer components {
+  .btn-primary {
+    @apply bg-primary-600 hover:bg-primary-500 text-white font-medium py-2 px-4 rounded-lg transition-all shadow-md shadow-primary-900/30 disabled:opacity-50 disabled:cursor-not-allowed;
+  }
+
+  .btn-secondary {
+    @apply bg-gray-700 hover:bg-gray-600 text-white font-medium py-2 px-4 rounded-lg transition-colors disabled:opacity-50 disabled:cursor-not-allowed;
+  }
+
+  .btn-danger {
+    @apply bg-red-600 hover:bg-red-700 text-white font-medium py-2 px-4 rounded-lg transition-colors disabled:opacity-50 disabled:cursor-not-allowed;
+  }
+
+  .btn-success {
+    @apply bg-green-600 hover:bg-green-700 text-white font-medium py-2 px-4 rounded-lg transition-colors disabled:opacity-50 disabled:cursor-not-allowed;
+  }
+
+  .input-field {
+    @apply w-full bg-gray-800/80 border border-gray-700/60 rounded-lg px-3 py-2 text-white placeholder-gray-500 focus:outline-none focus:ring-2 focus:ring-primary-500/60 focus:border-transparent transition-all;
+  }
+
+  .card {
+    @apply bg-gray-900/80 border border-gray-800/60 rounded-xl p-6 shadow-lg shadow-black/20;
+  }
+
+  .card-elevated {
+    @apply bg-gray-900/90 border border-gray-700/40 rounded-xl p-6 shadow-xl shadow-black/30;
+  }
+}
diff --git a/src/app/layout.tsx b/src/app/layout.tsx
new file mode 100644
index 0000000..e90da6f
--- /dev/null
+++ b/src/app/layout.tsx
@@ -0,0 +1,28 @@
+import type { Metadata } from 'next';
+import { Inter } from 'next/font/google';
+import './globals.css';
+import { Providers } from '@/components/Providers';
+
+const inter = Inter({ subsets: ['latin'] });
+
+export const metadata: Metadata = {
+  title: 'Super Bowl Squares',
+  description: 'Super Bowl Squares - Pick your squares and win!',
+  icons: {
+    icon: '/images/superbowlnumber.png',
+  },
+};
+
+export default function RootLayout({
+  children,
+}: {
+  children: React.ReactNode;
+}) {
+  return (
+    <html lang="en">
+      <body className={inter.className}>
+        <Providers>{children}</Providers>
+      </body>
+    </html>
+  );
+}
diff --git a/src/app/login/page.tsx b/src/app/login/page.tsx
new file mode 100644
index 0000000..9846222
--- /dev/null
+++ b/src/app/login/page.tsx
@@ -0,0 +1,94 @@
+'use client';
+
+import { useState } from 'react';
+import { signIn } from 'next-auth/react';
+import { useRouter } from 'next/navigation';
+import { Input } from '@/components/ui/Input';
+import { Button } from '@/components/ui/Button';
+import Link from 'next/link';
+import Image from 'next/image';
+
+export default function LoginPage() {
+  const router = useRouter();
+  const [email, setEmail] = useState('');
+  const [password, setPassword] = useState('');
+  const [error, setError] = useState('');
+  const [loading, setLoading] = useState(false);
+
+  const handleSubmit = async (e: React.FormEvent) => {
+    e.preventDefault();
+    setLoading(true);
+    setError('');
+
+    const result = await signIn('credentials', {
+      email,
+      password,
+      redirect: false,
+    });
+
+    setLoading(false);
+
+    if (result?.error) {
+      setError('Invalid email or password');
+    } else {
+      router.push('/');
+      router.refresh();
+    }
+  };
+
+  return (
+    <div className="min-h-screen flex items-center justify-center px-4">
+      <div className="w-full max-w-sm">
+        <div className="text-center mb-8">
+          <Image
+            src="/images/superbowlnumber.png"
+            alt="Super Bowl"
+            width={60}
+            height={60}
+            className="mx-auto mb-4"
+          />
+          <h1 className="text-2xl font-bold">Sign In</h1>
+        </div>
+
+        <form onSubmit={handleSubmit} className="card space-y-4">
+          {error && (
+            <div className="bg-red-900/50 border border-red-700 rounded-lg px-4 py-2 text-sm text-red-300">
+              {error}
+            </div>
+          )}
+
+          <Input
+            id="email"
+            label="Email"
+            type="email"
+            value={email}
+            onChange={(e) => setEmail(e.target.value)}
+            placeholder="your@email.com"
+            required
+          />
+
+          <Input
+            id="password"
+            label="Password"
+            type="password"
+            value={password}
+            onChange={(e) => setPassword(e.target.value)}
+            placeholder="Your password"
+            required
+          />
+
+          <Button type="submit" loading={loading} className="w-full">
+            Sign In
+          </Button>
+
+          <p className="text-center text-sm text-gray-400">
+            Don&apos;t have an account?{' '}
+            <Link href="/register" className="text-primary-400 hover:text-primary-300">
+              Register
+            </Link>
+          </p>
+        </form>
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/my-squares/page.tsx b/src/app/my-squares/page.tsx
new file mode 100644
index 0000000..b228da3
--- /dev/null
+++ b/src/app/my-squares/page.tsx
@@ -0,0 +1,99 @@
+'use client';
+
+import { useSession } from 'next-auth/react';
+import { useEffect, useState } from 'react';
+import Link from 'next/link';
+
+interface Square {
+  position: string;
+  confirmed: boolean;
+  firstWin: boolean;
+  halfWin: boolean;
+  thirdWin: boolean;
+  finalWin: boolean;
+  signupDate: string | null;
+}
+
+export default function MySquaresPage() {
+  const { data: session } = useSession();
+  const [squares, setSquares] = useState<Square[]>([]);
+  const [loading, setLoading] = useState(true);
+
+  useEffect(() => {
+    fetch('/api/squares')
+      .then((res) => res.json())
+      .then((data) => {
+        const mySquares = data.filter(
+          (s: any) => s.userId === (session?.user as any)?.id
+        );
+        setSquares(mySquares);
+      })
+      .catch(console.error)
+      .finally(() => setLoading(false));
+  }, [session]);
+
+  if (loading) {
+    return (
+      <div className="min-h-screen flex items-center justify-center">
+        <p className="text-gray-400">Loading...</p>
+      </div>
+    );
+  }
+
+  return (
+    <div className="min-h-screen px-4 py-8">
+      <div className="max-w-2xl mx-auto">
+        <div className="flex items-center justify-between mb-6">
+          <h1 className="text-2xl font-bold">My Squares</h1>
+          <Link href="/" className="btn-secondary text-sm">
+            Back to Grid
+          </Link>
+        </div>
+
+        {squares.length === 0 ? (
+          <div className="card text-center">
+            <p className="text-gray-400">You haven&apos;t purchased any squares yet.</p>
+            <Link href="/" className="btn-primary mt-4 inline-block">
+              Go to Grid
+            </Link>
+          </div>
+        ) : (
+          <div className="space-y-3">
+            {squares.map((sq) => {
+              const wins = [];
+              if (sq.firstWin) wins.push('Q1');
+              if (sq.halfWin) wins.push('Q2');
+              if (sq.thirdWin) wins.push('Q3');
+              if (sq.finalWin) wins.push('Final');
+
+              return (
+                <div key={sq.position} className="card flex items-center justify-between">
+                  <div>
+                    <span className="text-lg font-bold">Square {sq.position}</span>
+                    <span
+                      className={`ml-3 text-xs px-2 py-0.5 rounded-full ${
+                        sq.confirmed
+                          ? 'bg-green-900 text-green-300'
+                          : 'bg-yellow-900 text-yellow-300'
+                      }`}
+                    >
+                      {sq.confirmed ? 'Confirmed' : 'Pending'}
+                    </span>
+                  </div>
+                  {wins.length > 0 && (
+                    <span className="text-yellow-400 font-bold text-sm">
+                      Winner: {wins.join(', ')}
+                    </span>
+                  )}
+                </div>
+              );
+            })}
+            <p className="text-sm text-gray-500 text-center mt-4">
+              {squares.length} square{squares.length !== 1 ? 's' : ''} total
+            </p>
+          </div>
+        )}
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/page.tsx b/src/app/page.tsx
new file mode 100644
index 0000000..67e28fc
--- /dev/null
+++ b/src/app/page.tsx
@@ -0,0 +1,81 @@
+import { redirect } from 'next/navigation';
+import { prisma } from '@/lib/prisma';
+import { SquareGrid } from '@/components/grid/SquareGrid';
+import { GridHeader } from '@/components/grid/GridHeader';
+import { ChatWindow } from '@/components/chat/ChatWindow';
+import { findWinnerPosition } from '@/lib/utils';
+
+export const dynamic = 'force-dynamic';
+
+export default async function HomePage() {
+  // Redirect to setup if no admin account exists yet
+  const adminCount = await prisma.user.count({ where: { role: 'ADMIN' } });
+  if (adminCount === 0) {
+    redirect('/setup');
+  }
+
+  const settings = await prisma.gameSettings.findUnique({
+    where: { id: 'singleton' },
+  });
+
+  const squares = await prisma.square.findMany({
+    include: { user: { select: { name: true, id: true } } },
+    orderBy: { position: 'asc' },
+  });
+
+  const gridNumbers = await prisma.gridNumber.findMany({
+    orderBy: { position: 'asc' },
+  });
+
+  const scores = await prisma.score.findUnique({
+    where: { id: 'singleton' },
+  });
+
+  // Calculate winners for display
+  let winners: Record<string, { position: string; name: string }> | null = null;
+  if (scores && gridNumbers.length === 10) {
+    winners = {};
+    const quarters = [
+      { key: 'first', nfc: scores.nfcFirst, afc: scores.afcFirst },
+      { key: 'half', nfc: scores.nfcHalf, afc: scores.afcHalf },
+      { key: 'third', nfc: scores.nfcThird, afc: scores.afcThird },
+      { key: 'final', nfc: scores.nfcFinal, afc: scores.afcFinal },
+    ];
+    for (const q of quarters) {
+      if (q.nfc !== null && q.afc !== null) {
+        const pos = findWinnerPosition(q.nfc, q.afc, gridNumbers);
+        if (pos) {
+          const sq = squares.find((s) => s.position === pos);
+          if (sq) {
+            winners[q.key] = {
+              position: pos,
+              name: sq.user?.name || sq.guestName || 'Unknown',
+            };
+          }
+        }
+      }
+    }
+  }
+
+  return (
+    <main className="min-h-screen bg-gradient-to-b from-gray-950 via-gray-950 to-black">
+      <GridHeader settings={settings} />
+      <div className="max-w-7xl mx-auto px-4 py-6">
+        <div className="grid grid-cols-1 lg:grid-cols-3 gap-6">
+          <div className="lg:col-span-2">
+            <SquareGrid
+              squares={squares}
+              gridNumbers={gridNumbers}
+              settings={settings}
+              scores={scores}
+              winners={winners}
+            />
+          </div>
+          <div className="lg:col-span-1">
+            <ChatWindow />
+          </div>
+        </div>
+      </div>
+    </main>
+  );
+}
diff --git a/src/app/register/page.tsx b/src/app/register/page.tsx
new file mode 100644
index 0000000..a8df1b4
--- /dev/null
+++ b/src/app/register/page.tsx
@@ -0,0 +1,128 @@
+'use client';
+
+import { useState } from 'react';
+import { useRouter } from 'next/navigation';
+import { Input } from '@/components/ui/Input';
+import { Button } from '@/components/ui/Button';
+import Link from 'next/link';
+import Image from 'next/image';
+
+export default function RegisterPage() {
+  const router = useRouter();
+  const [name, setName] = useState('');
+  const [email, setEmail] = useState('');
+  const [password, setPassword] = useState('');
+  const [confirmPassword, setConfirmPassword] = useState('');
+  const [error, setError] = useState('');
+  const [loading, setLoading] = useState(false);
+
+  const handleSubmit = async (e: React.FormEvent) => {
+    e.preventDefault();
+    if (password !== confirmPassword) {
+      setError('Passwords do not match');
+      return;
+    }
+    if (password.length < 8) {
+      setError('Password must be at least 8 characters');
+      return;
+    }
+
+    setLoading(true);
+    setError('');
+
+    try {
+      const res = await fetch('/api/users', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({ name, email, password, role: 'PLAYER' }),
+      });
+
+      if (!res.ok) {
+        const data = await res.json();
+        throw new Error(data.error || 'Registration failed');
+      }
+
+      router.push('/login');
+    } catch (err: any) {
+      setError(err.message);
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  return (
+    <div className="min-h-screen flex items-center justify-center px-4">
+      <div className="w-full max-w-sm">
+        <div className="text-center mb-8">
+          <Image
+            src="/images/superbowlnumber.png"
+            alt="Super Bowl"
+            width={60}
+            height={60}
+            className="mx-auto mb-4"
+          />
+          <h1 className="text-2xl font-bold">Create Account</h1>
+          <p className="text-gray-400 text-sm mt-1">Register as a player</p>
+        </div>
+
+        <form onSubmit={handleSubmit} className="card space-y-4">
+          {error && (
+            <div className="bg-red-900/50 border border-red-700 rounded-lg px-4 py-2 text-sm text-red-300">
+              {error}
+            </div>
+          )}
+
+          <Input
+            id="name"
+            label="Name"
+            value={name}
+            onChange={(e) => setName(e.target.value)}
+            placeholder="Your name"
+            required
+          />
+
+          <Input
+            id="email"
+            label="Email"
+            type="email"
+            value={email}
+            onChange={(e) => setEmail(e.target.value)}
+            placeholder="your@email.com"
+            required
+          />
+
+          <Input
+            id="password"
+            label="Password"
+            type="password"
+            value={password}
+            onChange={(e) => setPassword(e.target.value)}
+            placeholder="At least 8 characters"
+            required
+          />
+
+          <Input
+            id="confirmPassword"
+            label="Confirm Password"
+            type="password"
+            value={confirmPassword}
+            onChange={(e) => setConfirmPassword(e.target.value)}
+            placeholder="Confirm your password"
+            required
+          />
+
+          <Button type="submit" loading={loading} className="w-full">
+            Register
+          </Button>
+
+          <p className="text-center text-sm text-gray-400">
+            Already have an account?{' '}
+            <Link href="/login" className="text-primary-400 hover:text-primary-300">
+              Sign In
+            </Link>
+          </p>
+        </form>
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/setup/page.tsx b/src/app/setup/page.tsx
new file mode 100644
index 0000000..6b1076f
--- /dev/null
+++ b/src/app/setup/page.tsx
@@ -0,0 +1,191 @@
+'use client';
+
+import { useState } from 'react';
+import { useRouter } from 'next/navigation';
+import { Input } from '@/components/ui/Input';
+import { Button } from '@/components/ui/Button';
+import Image from 'next/image';
+
+export default function SetupPage() {
+  const router = useRouter();
+  const [step, setStep] = useState(1);
+  const [loading, setLoading] = useState(false);
+  const [error, setError] = useState('');
+
+  // Admin account fields
+  const [adminName, setAdminName] = useState('');
+  const [adminEmail, setAdminEmail] = useState('');
+  const [adminPassword, setAdminPassword] = useState('');
+  const [adminConfirmPassword, setAdminConfirmPassword] = useState('');
+
+  // Game settings fields
+  const [title, setTitle] = useState('Super Bowl Squares');
+  const [commissioner, setCommissioner] = useState('');
+  const [eventName, setEventName] = useState('Super Bowl');
+  const [betAmount, setBetAmount] = useState('10');
+
+  const handleSubmit = async () => {
+    if (step === 1) {
+      if (!adminName || !adminEmail || !adminPassword) {
+        setError('All fields are required');
+        return;
+      }
+      if (adminPassword !== adminConfirmPassword) {
+        setError('Passwords do not match');
+        return;
+      }
+      if (adminPassword.length < 8) {
+        setError('Password must be at least 8 characters');
+        return;
+      }
+      setError('');
+      setStep(2);
+      return;
+    }
+
+    setLoading(true);
+    setError('');
+
+    try {
+      const res = await fetch('/api/setup', {
+        method: 'POST',
+        headers: { 'Content-Type': 'application/json' },
+        body: JSON.stringify({
+          admin: { name: adminName, email: adminEmail, password: adminPassword },
+          settings: {
+            title,
+            commissioner,
+            eventName,
+            betAmount: parseFloat(betAmount) || 10,
+          },
+        }),
+      });
+
+      if (!res.ok) {
+        const data = await res.json();
+        throw new Error(data.error || 'Setup failed');
+      }
+
+      router.push('/login');
+    } catch (err: any) {
+      setError(err.message);
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  return (
+    <div className="min-h-screen flex items-center justify-center px-4">
+      <div className="w-full max-w-md">
+        <div className="text-center mb-8">
+          <Image
+            src="/images/superbowlnumber.png"
+            alt="Super Bowl"
+            width={80}
+            height={80}
+            className="mx-auto mb-4"
+          />
+          <h1 className="text-3xl font-bold">Welcome!</h1>
+          <p className="text-gray-400 mt-2">Let&apos;s set up your Super Bowl Squares game</p>
+        </div>
+
+        <div className="card">
+          {/* Progress */}
+          <div className="flex items-center gap-2 mb-6">
+            <div className={`h-1 flex-1 rounded ${step >= 1 ? 'bg-primary-500' : 'bg-gray-700'}`} />
+            <div className={`h-1 flex-1 rounded ${step >= 2 ? 'bg-primary-500' : 'bg-gray-700'}`} />
+          </div>
+
+          {error && (
+            <div className="bg-red-900/50 border border-red-700 rounded-lg px-4 py-2 mb-4 text-sm text-red-300">
+              {error}
+            </div>
+          )}
+
+          {step === 1 && (
+            <div className="space-y-4">
+              <h2 className="text-lg font-semibold">Create Admin Account</h2>
+              <Input
+                id="adminName"
+                label="Name"
+                value={adminName}
+                onChange={(e) => setAdminName(e.target.value)}
+                placeholder="Your name"
+              />
+              <Input
+                id="adminEmail"
+                label="Email"
+                type="email"
+                value={adminEmail}
+                onChange={(e) => setAdminEmail(e.target.value)}
+                placeholder="admin@example.com"
+              />
+              <Input
+                id="adminPassword"
+                label="Password"
+                type="password"
+                value={adminPassword}
+                onChange={(e) => setAdminPassword(e.target.value)}
+                placeholder="At least 8 characters"
+              />
+              <Input
+                id="adminConfirmPassword"
+                label="Confirm Password"
+                type="password"
+                value={adminConfirmPassword}
+                onChange={(e) => setAdminConfirmPassword(e.target.value)}
+                placeholder="Confirm your password"
+              />
+              <Button onClick={handleSubmit} className="w-full">
+                Next
+              </Button>
+            </div>
+          )}
+
+          {step === 2 && (
+            <div className="space-y-4">
+              <h2 className="text-lg font-semibold">Game Settings</h2>
+              <Input
+                id="title"
+                label="Page Title"
+                value={title}
+                onChange={(e) => setTitle(e.target.value)}
+                placeholder="Super Bowl Squares"
+              />
+              <Input
+                id="commissioner"
+                label="Commissioner Name"
+                value={commissioner}
+                onChange={(e) => setCommissioner(e.target.value)}
+                placeholder="Your name"
+              />
+              <Input
+                id="eventName"
+                label="Event Name"
+                value={eventName}
+                onChange={(e) => setEventName(e.target.value)}
+                placeholder="Super Bowl LIX"
+              />
+              <Input
+                id="betAmount"
+                label="Bet Amount ($)"
+                type="number"
+                value={betAmount}
+                onChange={(e) => setBetAmount(e.target.value)}
+                placeholder="10"
+              />
+              <div className="flex gap-3">
+                <Button variant="secondary" onClick={() => setStep(1)} className="flex-1">
+                  Back
+                </Button>
+                <Button onClick={handleSubmit} loading={loading} className="flex-1">
+                  Complete Setup
+                </Button>
+              </div>
+            </div>
+          )}
+        </div>
+      </div>
+    </div>
+  );
+}
diff --git a/src/app/signup/page.tsx b/src/app/signup/page.tsx
new file mode 100644
index 0000000..cd6d506
--- /dev/null
+++ b/src/app/signup/page.tsx
@@ -0,0 +1,338 @@
+'use client';
+
+import { useState, useEffect, Suspense } from 'react';
+import { useSearchParams } from 'next/navigation';
+import { useSession, signIn } from 'next-auth/react';
+import { Input } from '@/components/ui/Input';
+import { Button } from '@/components/ui/Button';
+import { useWebSocket } from '@/lib/ws';
+import Link from 'next/link';
+
+interface PaymentMethod {
+  type: string;
+  value: string;
+  enabled: boolean;
+}
+
+interface SettingsData {
+  betAmount: number;
+  graceHours: number;
+  paymentInstructions: string;
+  paymentMethods: PaymentMethod[];
+}
+
+const PAYMENT_LABELS: Record<string, string> = {
+  VENMO: 'Venmo',
+  PAYPAL: 'PayPal',
+  CASHAPP: 'Cash App',
+  ZELLE: 'Zelle',
+  CASH: 'Cash',
+};
+
+function SignupForm() {
+  const searchParams = useSearchParams();
+  const { data: session } = useSession();
+  const { notifySquaresChanged } = useWebSocket();
+
+  const squaresParam = searchParams.get('squares') || '';
+  const positions = squaresParam.split(',').filter(Boolean);
+
+  const [mode, setMode] = useState<'guest' | 'account'>('guest');
+  const [guestName, setGuestName] = useState('');
+  const [guestEmail, setGuestEmail] = useState('');
+  const [password, setPassword] = useState('');
+  const [confirmPassword, setConfirmPassword] = useState('');
+  const [notes, setNotes] = useState('');
+  const [error, setError] = useState('');
+  const [loading, setLoading] = useState(false);
+  const [success, setSuccess] = useState(false);
+  const [settings, setSettings] = useState<SettingsData | null>(null);
+
+  useEffect(() => {
+    if (session?.user) {
+      setGuestName(session.user.name || '');
+      setGuestEmail(session.user.email || '');
+    }
+  }, [session]);
+
+  if (positions.length === 0) {
+    return (
+      <div className="min-h-screen flex items-center justify-center px-4">
+        <div className="card text-center">
+          <h1 className="text-xl font-bold mb-2">No Squares Selected</h1>
+          <p className="text-gray-400 mb-4">Go back to the grid and select your squares.</p>
+          <Link href="/" className="btn-primary">
+            Back to Grid
+          </Link>
+        </div>
+      </div>
+    );
+  }
+
+  if (success) {
+    const totalCost = settings ? settings.betAmount * positions.length : null;
+    const enabledPayments = settings?.paymentMethods?.filter((pm) => pm.enabled) || [];
+
+    return (
+      <div className="min-h-screen flex items-center justify-center px-4">
+        <div className="card text-center max-w-md">
+          <div className="text-4xl mb-4">&#127944;</div>
+          <h1 className="text-xl font-bold mb-2">Squares Claimed!</h1>
+          <p className="text-gray-400 mb-2">
+            You have claimed {positions.length} square{positions.length !== 1 ? 's' : ''}: {positions.join(', ')}
+          </p>
+          <p className="text-sm text-yellow-400 mb-4">
+            Your squares will appear as pending until the commissioner confirms payment.
+          </p>
+
+          {totalCost !== null && (
+            <div className="bg-gray-800 rounded-lg p-4 mb-4 text-left space-y-3">
+              <div className="flex justify-between items-center">
+                <span className="text-gray-400 text-sm">Total Due</span>
+                <span className="text-lg font-bold text-green-400">${totalCost.toFixed(2)}</span>
+              </div>
+
+              {settings?.graceHours && (
+                <p className="text-xs text-gray-500">
+                  Please pay within {settings.graceHours} hours to keep your squares.
+                </p>
+              )}
+
+              {settings?.paymentInstructions && (
+                <p className="text-sm text-gray-300">{settings.paymentInstructions}</p>
+              )}
+
+              {enabledPayments.length > 0 && (
+                <div className="space-y-2 pt-2 border-t border-gray-700">
+                  <p className="text-sm font-medium text-gray-300">Payment Methods</p>
+                  {enabledPayments.map((pm, idx) => (
+                    <div key={idx} className="flex items-center justify-between text-sm">
+                      <span className="text-gray-400">{PAYMENT_LABELS[pm.type] || pm.type}</span>
+                      <span className="text-white font-mono">{pm.value}</span>
+                    </div>
+                  ))}
+                </div>
+              )}
+            </div>
+          )}
+
+          <Link href="/" className="btn-primary">
+            Back to Grid
+          </Link>
+        </div>
+      </div>
+    );
+  }
+
+  const purchaseSquares = async () => {
+    const res = await fetch('/api/squares', {
+      method: 'POST',
+      headers: { 'Content-Type': 'application/json' },
+      body: JSON.stringify({
+        positions,
+        guestName: session ? undefined : guestName,
+        guestEmail: session ? undefined : guestEmail,
+        notes,
+      }),
+    });
+
+    if (!res.ok) {
+      const data = await res.json();
+      throw new Error(data.error || 'Purchase failed');
+    }
+  };
+
+  const handleSubmit = async (e: React.FormEvent) => {
+    e.preventDefault();
+    setLoading(true);
+    setError('');
+
+    try {
+      // If creating an account (and not already signed in)
+      if (mode === 'account' && !session) {
+        if (password !== confirmPassword) {
+          throw new Error('Passwords do not match');
+        }
+        if (password.length < 8) {
+          throw new Error('Password must be at least 8 characters');
+        }
+
+        // Create account
+        const createRes = await fetch('/api/users', {
+          method: 'POST',
+          headers: { 'Content-Type': 'application/json' },
+          body: JSON.stringify({
+            name: guestName,
+            email: guestEmail,
+            password,
+          }),
+        });
+
+        if (!createRes.ok) {
+          const data = await createRes.json();
+          throw new Error(data.error || 'Account creation failed');
+        }
+
+        // Sign in with the new account
+        const signInRes = await signIn('credentials', {
+          redirect: false,
+          email: guestEmail,
+          password,
+        });
+
+        if (signInRes?.error) {
+          throw new Error('Account created but sign-in failed. Please log in manually and try again.');
+        }
+      }
+
+      // Purchase squares
+      await purchaseSquares();
+      notifySquaresChanged();
+
+      // Fetch settings for payment info display
+      try {
+        const settingsRes = await fetch('/api/settings');
+        if (settingsRes.ok) {
+          const data = await settingsRes.json();
+          setSettings(data);
+        }
+      } catch {
+        // Non-critical — just won't show payment info
+      }
+
+      setSuccess(true);
+    } catch (err: any) {
+      setError(err.message);
+    } finally {
+      setLoading(false);
+    }
+  };
+
+  return (
+    <div className="min-h-screen flex items-center justify-center px-4">
+      <div className="w-full max-w-md">
+        <div className="text-center mb-6">
+          <h1 className="text-2xl font-bold">Purchase Squares</h1>
+          <p className="text-gray-400 mt-1">
+            Claiming {positions.length} square{positions.length !== 1 ? 's' : ''}: {positions.join(', ')}
+          </p>
+        </div>
+
+        <form onSubmit={handleSubmit} className="card space-y-4">
+          {error && (
+            <div className="bg-red-900/50 border border-red-700 rounded-lg px-4 py-2 text-sm text-red-300">
+              {error}
+            </div>
+          )}
+
+          {!session && (
+            <>
+              <div className="flex rounded-lg overflow-hidden border border-gray-700">
+                <button
+                  type="button"
+                  onClick={() => setMode('guest')}
+                  className={`flex-1 py-2 text-sm font-medium transition-colors ${
+                    mode === 'guest'
+                      ? 'bg-primary-600 text-white'
+                      : 'bg-gray-800 text-gray-400 hover:text-white'
+                  }`}
+                >
+                  Continue as Guest
+                </button>
+                <button
+                  type="button"
+                  onClick={() => setMode('account')}
+                  className={`flex-1 py-2 text-sm font-medium transition-colors ${
+                    mode === 'account'
+                      ? 'bg-primary-600 text-white'
+                      : 'bg-gray-800 text-gray-400 hover:text-white'
+                  }`}
+                >
+                  Create Account
+                </button>
+              </div>
+
+              <Input
+                id="guestName"
+                label="Your Name"
+                value={guestName}
+                onChange={(e) => setGuestName(e.target.value)}
+                placeholder="Full name"
+                required
+              />
+              <Input
+                id="guestEmail"
+                label="Email"
+                type="email"
+                value={guestEmail}
+                onChange={(e) => setGuestEmail(e.target.value)}
+                placeholder="your@email.com"
+                required
+              />
+
+              {mode === 'account' && (
+                <>
+                  <Input
+                    id="password"
+                    label="Password"
+                    type="password"
+                    value={password}
+                    onChange={(e) => setPassword(e.target.value)}
+                    placeholder="At least 8 characters"
+                    required
+                  />
+                  <Input
+                    id="confirmPassword"
+                    label="Confirm Password"
+                    type="password"
+                    value={confirmPassword}
+                    onChange={(e) => setConfirmPassword(e.target.value)}
+                    placeholder="Re-enter password"
+                    required
+                  />
+                </>
+              )}
+            </>
+          )}
+
+          {session && (
+            <p className="text-sm text-gray-400">
+              Purchasing as <strong>{session.user.name}</strong> ({session.user.email})
+            </p>
+          )}
+
+          <div className="space-y-1">
+            <label className="block text-sm font-medium text-gray-300">
+              Notes (optional)
+            </label>
+            <textarea
+              value={notes}
+              onChange={(e) => setNotes(e.target.value)}
+              className="input-field resize-none"
+              rows={3}
+              placeholder="Any notes for the commissioner..."
+              maxLength={500}
+            />
+          </div>
+
+          <div className="flex gap-3">
+            <Link href="/" className="btn-secondary flex-1 text-center">
+              Cancel
+            </Link>
+            <Button type="submit" loading={loading} className="flex-1">
+              {mode === 'account' && !session ? 'Create Account & Purchase' : 'Confirm Purchase'}
+            </Button>
+          </div>
+        </form>
+      </div>
+    </div>
+  );
+}
+
+export default function SignupPage() {
+  return (
+    <Suspense fallback={<div className="min-h-screen flex items-center justify-center"><p>Loading...</p></div>}>
+      <SignupForm />
+    </Suspense>
+  );
+}
diff --git a/src/components/Providers.tsx b/src/components/Providers.tsx
new file mode 100644
index 0000000..df58510
--- /dev/null
+++ b/src/components/Providers.tsx
@@ -0,0 +1,15 @@
+'use client';
+
+import { SessionProvider } from 'next-auth/react';
+import { ToastProvider } from '@/components/ui/Toast';
+import { WebSocketProvider } from '@/lib/ws';
+
+export function Providers({ children }: { children: React.ReactNode }) {
+  return (
+    <SessionProvider>
+      <WebSocketProvider>
+        <ToastProvider>{children}</ToastProvider>
+      </WebSocketProvider>
+    </SessionProvider>
+  );
+}
diff --git a/src/components/chat/ChatWindow.tsx b/src/components/chat/ChatWindow.tsx
new file mode 100644
index 0000000..43a289c
--- /dev/null
+++ b/src/components/chat/ChatWindow.tsx
@@ -0,0 +1,109 @@
+'use client';
+
+import { useSession } from 'next-auth/react';
+import { useWebSocket } from '@/lib/ws';
+import { useState, useRef, useEffect } from 'react';
+
+export function ChatWindow() {
+  const { data: session } = useSession();
+  const { messages, connected, sendMessage, deleteMessage } = useWebSocket();
+  const [input, setInput] = useState('');
+  const messagesEndRef = useRef<HTMLDivElement>(null);
+  const isAdmin =
+    (session?.user as any)?.role === 'ADMIN' ||
+    (session?.user as any)?.role === 'VIEWER';
+
+  useEffect(() => {
+    messagesEndRef.current?.scrollIntoView({ behavior: 'smooth' });
+  }, [messages]);
+
+  const userId = (session?.user as any)?.id;
+
+  const handleSend = () => {
+    if (!input.trim()) return;
+    sendMessage(input.trim(), userId);
+    setInput('');
+  };
+
+  if (!session?.user) {
+    return (
+      <div className="card h-full flex flex-col">
+        <div className="bg-gradient-to-r from-primary-900/40 to-gray-900 -m-6 mb-4 p-4 rounded-t-xl border-b border-gray-800/60">
+          <h3 className="font-bold text-lg">Live Chat</h3>
+        </div>
+        <div className="flex-1 flex items-center justify-center text-gray-500 text-sm">
+          <p>Log in to participate in the chat</p>
+        </div>
+        <div className="space-y-2 max-h-64 overflow-y-auto">
+          {messages.slice(-20).map((msg) => (
+            <div key={msg.id} className="text-sm">
+              <span className="font-medium text-primary-400">{msg.userName}</span>{' '}
+              <span className="text-gray-300">{msg.message}</span>
+            </div>
+          ))}
+          <div ref={messagesEndRef} />
+        </div>
+      </div>
+    );
+  }
+
+  return (
+    <div className="card h-[600px] flex flex-col">
+      <div className="bg-gradient-to-r from-primary-900/40 to-gray-900 -mx-6 -mt-6 mb-3 px-4 py-3 rounded-t-xl border-b border-gray-800/60 flex items-center justify-between">
+        <h3 className="font-bold text-lg">Live Chat</h3>
+        <span
+          className={`text-xs px-2 py-0.5 rounded-full ${
+            connected ? 'bg-green-900/60 text-green-300' : 'bg-red-900/60 text-red-300'
+          }`}
+        >
+          {connected ? 'Connected' : 'Disconnected'}
+        </span>
+      </div>
+
+      <div className="flex-1 overflow-y-auto space-y-1 mb-3 pr-1">
+        {messages.map((msg) => (
+          <div key={msg.id} className="group text-sm flex items-start gap-1">
+            <div className="flex-1">
+              <span className="font-medium text-primary-400">{msg.userName}</span>{' '}
+              <span className="text-gray-300">{msg.message}</span>
+              <span className="text-[10px] text-gray-600 ml-1">
+                {new Date(msg.createdAt).toLocaleTimeString([], {
+                  hour: '2-digit',
+                  minute: '2-digit',
+                })}
+              </span>
+            </div>
+            {isAdmin && (
+              <button
+                onClick={() => {
+                  deleteMessage(msg.id, userId);
+                }}
+                className="opacity-0 group-hover:opacity-100 text-red-400 hover:text-red-300 text-xs"
+              >
+                x
+              </button>
+            )}
+          </div>
+        ))}
+        <div ref={messagesEndRef} />
+      </div>
+
+      <div className="flex gap-2">
+        <input
+          type="text"
+          value={input}
+          onChange={(e) => setInput(e.target.value)}
+          onKeyDown={(e) => {
+            if (e.key === 'Enter') handleSend();
+          }}
+          placeholder="Type a message..."
+          className="input-field flex-1 text-sm"
+          maxLength={500}
+        />
+        <button onClick={handleSend} className="btn-primary text-sm">
+          Send
+        </button>
+      </div>
+    </div>
+  );
+}
diff --git a/src/components/grid/GridHeader.tsx b/src/components/grid/GridHeader.tsx
new file mode 100644
index 0000000..199b832
--- /dev/null
+++ b/src/components/grid/GridHeader.tsx
@@ -0,0 +1,123 @@
+'use client';
+
+import { useState } from 'react';
+import { useSession } from 'next-auth/react';
+import Image from 'next/image';
+import Link from 'next/link';
+import { Modal } from '@/components/ui/Modal';
+
+interface GridHeaderProps {
+  settings: {
+    title: string;
+    commissioner: string;
+    eventName: string;
+    eventDate: string;
+    eventTime: string;
+    sbLogo: string;
+    nfcTeam: string;
+    nfcLogo: string;
+    afcTeam: string;
+    afcLogo: string;
+    betAmount: number;
+    rulesText: string;
+  } | null;
+}
+
+export function GridHeader({ settings }: GridHeaderProps) {
+  const { data: session } = useSession();
+  const [rulesOpen, setRulesOpen] = useState(false);
+  const s = settings;
+
+  return (
+    <>
+      <header className="bg-gray-900/90 border-b border-gray-800/60 shadow-lg shadow-black/20 backdrop-blur-sm">
+        <div className="max-w-7xl mx-auto px-4 py-4">
+          {/* Top row: title left, nav right */}
+          <div className="flex items-center justify-between mb-4">
+            <div>
+              <h1 className="text-2xl font-bold">{s?.title || 'Super Bowl Squares'}</h1>
+              <p className="text-gray-400 text-sm">
+                {s?.eventName}
+                {s?.eventDate && ` - ${s.eventDate}`}
+                {s?.eventTime && ` at ${s.eventTime}`}
+              </p>
+              {s?.commissioner && (
+                <p className="text-gray-500 text-xs">Commissioner: {s.commissioner}</p>
+              )}
+            </div>
+
+            <nav className="flex items-center gap-3">
+              <button
+                onClick={() => setRulesOpen(true)}
+                className="btn-secondary text-sm"
+              >
+                Rules
+              </button>
+              {session?.user ? (
+                <>
+                  <span className="text-sm text-gray-400">Hi, {session.user.name}</span>
+                  {(session.user as any).role === 'PLAYER' && (
+                    <Link href="/my-squares" className="btn-secondary text-sm">
+                      My Squares
+                    </Link>
+                  )}
+                  {((session.user as any).role === 'ADMIN' || (session.user as any).role === 'VIEWER') && (
+                    <Link href="/admin" className="btn-secondary text-sm">
+                      Admin
+                    </Link>
+                  )}
+                  <Link href="/api/auth/signout" className="text-sm text-gray-400 hover:text-white">
+                    Sign Out
+                  </Link>
+                </>
+              ) : (
+                <>
+                  <Link href="/login" className="btn-secondary text-sm">
+                    Log In
+                  </Link>
+                  <Link href="/register" className="btn-primary text-sm">
+                    Register
+                  </Link>
+                </>
+              )}
+            </nav>
+          </div>
+
+          {/* Matchup banner - centered */}
+          <div className="flex flex-col items-center gap-3">
+            {s?.sbLogo && (
+              <Image
+                src={s.sbLogo}
+                alt="Super Bowl"
+                width={200}
+                height={200}
+                className="object-contain"
+              />
+            )}
+            <div className="flex items-center gap-6 text-xl font-bold">
+              {s?.afcLogo && (
+                <Image src={s.afcLogo} alt={s?.afcTeam || 'AFC'} width={80} height={80} className="object-contain" />
+              )}
+              <span className="text-2xl">{s?.afcTeam || 'AFC'}</span>
+              <span className="text-gray-500 text-lg">vs.</span>
+              <span className="text-2xl">{s?.nfcTeam || 'NFC'}</span>
+              {s?.nfcLogo && (
+                <Image src={s.nfcLogo} alt={s?.nfcTeam || 'NFC'} width={80} height={80} className="object-contain" />
+              )}
+            </div>
+          </div>
+        </div>
+      </header>
+
+      <Modal open={rulesOpen} onClose={() => setRulesOpen(false)} title="Game Rules">
+        {s?.rulesText ? (
+          <div className="text-gray-300 text-sm whitespace-pre-wrap max-h-[60vh] overflow-y-auto">
+            {s.rulesText}
+          </div>
+        ) : (
+          <p className="text-gray-500 text-sm">No rules have been posted yet.</p>
+        )}
+      </Modal>
+    </>
+  );
+}
diff --git a/src/components/grid/SquareCell.tsx b/src/components/grid/SquareCell.tsx
new file mode 100644
index 0000000..5d1bdaa
--- /dev/null
+++ b/src/components/grid/SquareCell.tsx
@@ -0,0 +1,71 @@
+'use client';
+
+interface SquareCellProps {
+  square: {
+    position: string;
+    userId: string | null;
+    guestName: string | null;
+    confirmed: boolean;
+    firstWin: boolean;
+    halfWin: boolean;
+    thirdWin: boolean;
+    finalWin: boolean;
+    user: { name: string } | null;
+  };
+  isOwn: boolean;
+  isSelected: boolean;
+  onSelect?: () => void;
+}
+
+export function SquareCell({ square, isOwn, isSelected, onSelect }: SquareCellProps) {
+  const name = square.user?.name || square.guestName;
+  const isTaken = !!name;
+  const isWinner = square.firstWin || square.halfWin || square.thirdWin || square.finalWin;
+
+  let bgColor = 'bg-gray-800/60 hover:bg-gray-700/80 cursor-pointer shadow-inner'; // available
+  if (isTaken && square.confirmed) {
+    bgColor = 'bg-green-900/40 border-green-600/50 shadow-[inset_0_0_12px_rgba(34,197,94,0.08)]'; // confirmed
+  } else if (isTaken && !square.confirmed) {
+    bgColor = 'bg-yellow-900/30 border-yellow-600/50 shadow-[inset_0_0_12px_rgba(234,179,8,0.08)]'; // pending
+  }
+  if (isOwn) {
+    bgColor = 'bg-primary-900/50 border-primary-500/60 ring-1 ring-primary-500/40 shadow-[inset_0_0_12px_rgba(59,130,246,0.1)]'; // own square
+  }
+  if (isSelected) {
+    bgColor = 'bg-primary-600 border-primary-400 shadow-[0_0_12px_rgba(59,130,246,0.3)]'; // selected for purchase
+  }
+  if (isWinner) {
+    bgColor += ' ring-2 ring-yellow-400/80 shadow-[0_0_10px_rgba(250,204,21,0.2)]';
+  }
+
+  const winLabels = [];
+  if (square.firstWin) winLabels.push('Q1');
+  if (square.halfWin) winLabels.push('Q2');
+  if (square.thirdWin) winLabels.push('Q3');
+  if (square.finalWin) winLabels.push('F');
+
+  return (
+    <div
+      className={`${bgColor} border border-gray-700/60 rounded-md aspect-square flex flex-col items-center justify-center text-center transition-all duration-150`}
+      onClick={!isTaken ? onSelect : undefined}
+    >
+      {name ? (
+        <>
+          <span className="text-[10px] font-medium break-words leading-tight overflow-hidden w-full px-0.5">
+            {name}
+          </span>
+          {!square.confirmed && (
+            <span className="text-[9px] text-yellow-400/90">Pending</span>
+          )}
+          {winLabels.length > 0 && (
+            <span className="text-[9px] text-yellow-300 font-bold">
+              {winLabels.join(',')}
+            </span>
+          )}
+        </>
+      ) : (
+        <span className="text-[10px] text-gray-600">{square.position}</span>
+      )}
+    </div>
+  );
+}
diff --git a/src/components/grid/SquareGrid.tsx b/src/components/grid/SquareGrid.tsx
new file mode 100644
index 0000000..f176bba
--- /dev/null
+++ b/src/components/grid/SquareGrid.tsx
@@ -0,0 +1,240 @@
+'use client';
+
+import { useSession } from 'next-auth/react';
+import { useState, useEffect, useRef } from 'react';
+import { SquareCell } from './SquareCell';
+import { useWebSocket } from '@/lib/ws';
+import Link from 'next/link';
+
+interface Square {
+  id: string;
+  position: string;
+  userId: string | null;
+  guestName: string | null;
+  confirmed: boolean;
+  firstWin: boolean;
+  halfWin: boolean;
+  thirdWin: boolean;
+  finalWin: boolean;
+  user: { name: string; id: string } | null;
+}
+
+interface GridNumber {
+  position: number;
+  nfcNumber: number;
+  afcNumber: number;
+}
+
+interface Winner {
+  position: string;
+  name: string;
+}
+
+interface SquareGridProps {
+  squares: Square[];
+  gridNumbers: GridNumber[];
+  settings: {
+    nfcTeam: string;
+    nfcLogo: string;
+    afcTeam: string;
+    afcLogo: string;
+    betAmount: number;
+    winFirstPct: number;
+    winSecondPct: number;
+    winThirdPct: number;
+    winFinalPct: number;
+  } | null;
+  scores: {
+    nfcFirst: number | null;
+    afcFirst: number | null;
+    nfcHalf: number | null;
+    afcHalf: number | null;
+    nfcThird: number | null;
+    afcThird: number | null;
+    nfcFinal: number | null;
+    afcFinal: number | null;
+  } | null;
+  winners: Record<string, Winner> | null;
+}
+
+export function SquareGrid({ squares: initialSquares, gridNumbers, settings, scores, winners }: SquareGridProps) {
+  const { data: session } = useSession();
+  const [selectedSquares, setSelectedSquares] = useState<string[]>([]);
+  const [squares, setSquares] = useState<Square[]>(initialSquares);
+  const { squaresVersion } = useWebSocket();
+  const prevVersion = useRef(squaresVersion);
+
+  // Re-fetch squares when WS notifies of changes
+  useEffect(() => {
+    if (squaresVersion !== prevVersion.current) {
+      prevVersion.current = squaresVersion;
+      fetch('/api/squares')
+        .then((res) => res.json())
+        .then((data) => {
+          if (Array.isArray(data)) setSquares(data);
+        })
+        .catch(() => {});
+    }
+  }, [squaresVersion]);
+
+  const hasNumbers = gridNumbers.length === 10;
+
+  // Build grid: rows are NFC (0-9), cols are AFC (0-9)
+  const grid: Square[][] = [];
+  for (let row = 0; row < 10; row++) {
+    grid[row] = [];
+    for (let col = 0; col < 10; col++) {
+      const pos = `${row}${col}`;
+      const square = squares.find((s) => s.position === pos);
+      if (square) grid[row][col] = square;
+    }
+  }
+
+  const toggleSelect = (position: string) => {
+    setSelectedSquares((prev) =>
+      prev.includes(position)
+        ? prev.filter((p) => p !== position)
+        : prev.length < 10
+        ? [...prev, position]
+        : prev
+    );
+  };
+
+  const nfcNumbers = hasNumbers
+    ? gridNumbers.sort((a, b) => a.position - b.position).map((g) => g.nfcNumber)
+    : [];
+  const afcNumbers = hasNumbers
+    ? gridNumbers.sort((a, b) => a.position - b.position).map((g) => g.afcNumber)
+    : [];
+
+  const totalPot = (settings?.betAmount || 0) * 100;
+
+  const quarterInfo = [
+    { label: 'Q1', key: 'first', nfc: scores?.nfcFirst, afc: scores?.afcFirst, pct: settings?.winFirstPct || 0 },
+    { label: 'Q2', key: 'half', nfc: scores?.nfcHalf, afc: scores?.afcHalf, pct: settings?.winSecondPct || 0 },
+    { label: 'Q3', key: 'third', nfc: scores?.nfcThird, afc: scores?.afcThird, pct: settings?.winThirdPct || 0 },
+    { label: 'Final', key: 'final', nfc: scores?.nfcFinal, afc: scores?.afcFinal, pct: settings?.winFinalPct || 0 },
+  ];
+
+  return (
+    <div className="space-y-4">
+      {/* Score display */}
+      {scores && (scores.nfcFirst !== null || scores.nfcHalf !== null || scores.nfcThird !== null || scores.nfcFinal !== null) && (
+        <div className="card-elevated border-l-4 border-l-primary-500">
+          <h3 className="text-sm font-semibold text-gray-400 mb-3">Scores</h3>
+          <div className="grid grid-cols-4 gap-3 text-center text-sm">
+            {quarterInfo.map((q) => {
+              const winner = winners?.[q.key];
+              const payout = totalPot * q.pct / 100;
+              return (
+                <div key={q.label} className="bg-gray-800/50 rounded-lg p-2">
+                  <div className="text-gray-500 text-xs font-semibold uppercase tracking-wide mb-1">{q.label}</div>
+                  <div className="text-gray-200">{settings?.nfcTeam} {q.nfc ?? '-'}</div>
+                  <div className="text-gray-200">{settings?.afcTeam} {q.afc ?? '-'}</div>
+                  {winner && (
+                    <div className="mt-1 border-t border-gray-700 pt-1">
+                      <div className="text-yellow-300 text-xs font-bold">{winner.name}</div>
+                      <div className="text-green-400 text-xs">${payout.toFixed(0)}</div>
+                    </div>
+                  )}
+                </div>
+              );
+            })}
+          </div>
+        </div>
+      )}
+
+      {/* Grid */}
+      <div className="card-elevated overflow-x-auto">
+        {/* AFC axis label */}
+        <div className="text-center text-sm font-semibold text-gray-400 mb-1">
+          {settings?.afcTeam || 'AFC'}
+        </div>
+        <div className="flex">
+          {/* NFC axis label */}
+          <div className="flex items-center justify-center mr-1">
+            <span
+              className="text-sm font-semibold text-gray-400"
+              style={{ writingMode: 'vertical-rl', transform: 'rotate(180deg)' }}
+            >
+              {settings?.nfcTeam || 'NFC'}
+            </span>
+          </div>
+          <table className="w-full border-collapse table-fixed">
+            <colgroup>
+              {Array.from({ length: 11 }, (_, i) => (
+                <col key={i} className="w-[9.09%]" />
+              ))}
+            </colgroup>
+            <thead>
+              <tr>
+                {/* Corner cell - empty */}
+                <th className="p-0.5">
+                  <div className="aspect-square" />
+                </th>
+                {/* AFC numbers across top */}
+                {Array.from({ length: 10 }, (_, i) => (
+                  <th key={i} className="p-0.5 text-center">
+                    <div className="bg-gray-800/80 rounded-md aspect-square flex items-center justify-center text-sm font-bold">
+                      {hasNumbers ? afcNumbers[i] : '?'}
+                    </div>
+                  </th>
+                ))}
+              </tr>
+            </thead>
+            <tbody>
+              {grid.map((row, rowIdx) => (
+                <tr key={rowIdx}>
+                  {/* NFC number on left side */}
+                  <td className="p-0.5">
+                    <div className="bg-gray-800/80 rounded-md aspect-square flex items-center justify-center text-sm font-bold">
+                      {hasNumbers ? nfcNumbers[rowIdx] : '?'}
+                    </div>
+                  </td>
+                  {row.map((square, colIdx) => (
+                    <td key={colIdx} className="p-0.5">
+                      <SquareCell
+                        square={square}
+                        isOwn={
+                          session?.user
+                            ? square.userId === (session.user as any).id
+                            : false
+                        }
+                        isSelected={selectedSquares.includes(square.position)}
+                        onSelect={
+                          !square.userId && !square.guestName
+                            ? () => toggleSelect(square.position)
+                            : undefined
+                        }
+                      />
+                    </td>
+                  ))}
+                </tr>
+              ))}
+            </tbody>
+          </table>
+        </div>
+      </div>
+
+      {/* Purchase selected squares */}
+      {selectedSquares.length > 0 && (
+        <div className="card-elevated flex items-center justify-between">
+          <div>
+            <p className="font-medium">
+              {selectedSquares.length} square{selectedSquares.length !== 1 ? 's' : ''} selected
+            </p>
+            <p className="text-sm text-gray-400">
+              Total: ${((settings?.betAmount || 10) * selectedSquares.length).toFixed(2)}
+            </p>
+          </div>
+          <Link
+            href={`/signup?squares=${selectedSquares.join(',')}`}
+            className="btn-primary"
+          >
+            Purchase Squares
+          </Link>
+        </div>
+      )}
+    </div>
+  );
+}
diff --git a/src/components/ui/Button.tsx b/src/components/ui/Button.tsx
new file mode 100644
index 0000000..99c1fd1
--- /dev/null
+++ b/src/components/ui/Button.tsx
@@ -0,0 +1,45 @@
+'use client';
+
+import { ButtonHTMLAttributes, forwardRef } from 'react';
+
+interface ButtonProps extends ButtonHTMLAttributes<HTMLButtonElement> {
+  variant?: 'primary' | 'secondary' | 'danger' | 'success';
+  size?: 'sm' | 'md' | 'lg';
+  loading?: boolean;
+}
+
+const variants = {
+  primary: 'btn-primary',
+  secondary: 'btn-secondary',
+  danger: 'btn-danger',
+  success: 'btn-success',
+};
+
+const sizes = {
+  sm: 'text-sm py-1.5 px-3',
+  md: 'py-2 px-4',
+  lg: 'text-lg py-3 px-6',
+};
+
+export const Button = forwardRef<HTMLButtonElement, ButtonProps>(
+  ({ variant = 'primary', size = 'md', loading, children, className = '', disabled, ...props }, ref) => {
+    return (
+      <button
+        ref={ref}
+        className={`${variants[variant]} ${sizes[size]} ${className} inline-flex items-center justify-center`}
+        disabled={disabled || loading}
+        {...props}
+      >
+        {loading && (
+          <svg className="animate-spin -ml-1 mr-2 h-4 w-4" xmlns="http://www.w3.org/2000/svg" fill="none" viewBox="0 0 24 24">
+            <circle className="opacity-25" cx="12" cy="12" r="10" stroke="currentColor" strokeWidth="4" />
+            <path className="opacity-75" fill="currentColor" d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4z" />
+          </svg>
+        )}
+        {children}
+      </button>
+    );
+  }
+);
+
+Button.displayName = 'Button';
diff --git a/src/components/ui/ImagePicker.tsx b/src/components/ui/ImagePicker.tsx
new file mode 100644
index 0000000..6703481
--- /dev/null
+++ b/src/components/ui/ImagePicker.tsx
@@ -0,0 +1,191 @@
+'use client';
+
+import { useState, useRef } from 'react';
+import Image from 'next/image';
+import { Modal } from './Modal';
+
+interface GalleryImage {
+  url: string;
+  name: string;
+  category: string;
+}
+
+interface ImagePickerProps {
+  label: string;
+  value: string;
+  onChange: (url: string) => void;
+}
+
+export function ImagePicker({ label, value, onChange }: ImagePickerProps) {
+  const [galleryOpen, setGalleryOpen] = useState(false);
+  const [gallery, setGallery] = useState<GalleryImage[]>([]);
+  const [galleryLoading, setGalleryLoading] = useState(false);
+  const [uploading, setUploading] = useState(false);
+  const [filter, setFilter] = useState<'all' | 'uploads' | 'stock'>('all');
+  const fileInputRef = useRef<HTMLInputElement>(null);
+
+  const handleUpload = async (e: React.ChangeEvent<HTMLInputElement>) => {
+    const file = e.target.files?.[0];
+    if (!file) return;
+
+    setUploading(true);
+    try {
+      const formData = new FormData();
+      formData.append('file', file);
+
+      const res = await fetch('/api/upload', {
+        method: 'POST',
+        body: formData,
+      });
+
+      if (!res.ok) {
+        const data = await res.json();
+        alert(data.error || 'Upload failed');
+        return;
+      }
+
+      const data = await res.json();
+      onChange(data.url);
+    } catch {
+      alert('Upload failed');
+    } finally {
+      setUploading(false);
+      if (fileInputRef.current) fileInputRef.current.value = '';
+    }
+  };
+
+  const openGallery = async () => {
+    setGalleryOpen(true);
+    setGalleryLoading(true);
+    try {
+      const res = await fetch('/api/upload');
+      if (res.ok) {
+        const data = await res.json();
+        setGallery(data.images || []);
+      }
+    } catch {
+      // ignore
+    } finally {
+      setGalleryLoading(false);
+    }
+  };
+
+  const filteredGallery = filter === 'all'
+    ? gallery
+    : gallery.filter((img) => img.category === filter);
+
+  return (
+    <div className="space-y-2">
+      <label className="block text-sm font-medium text-gray-300">{label}</label>
+
+      <div className="flex items-center gap-3">
+        {/* Thumbnail preview */}
+        <div className="w-14 h-14 rounded-lg bg-gray-800 border border-gray-700/60 flex items-center justify-center overflow-hidden flex-shrink-0">
+          {value ? (
+            <Image src={value} alt={label} width={56} height={56} className="object-contain w-full h-full" />
+          ) : (
+            <span className="text-gray-600 text-xs">None</span>
+          )}
+        </div>
+
+        <div className="flex-1 min-w-0">
+          <input
+            type="text"
+            value={value}
+            onChange={(e) => onChange(e.target.value)}
+            className="input-field text-sm"
+            placeholder="/images/example.png"
+          />
+        </div>
+      </div>
+
+      <div className="flex gap-2">
+        <button
+          type="button"
+          onClick={() => fileInputRef.current?.click()}
+          disabled={uploading}
+          className="btn-secondary text-xs py-1 px-3"
+        >
+          {uploading ? 'Uploading...' : 'Upload'}
+        </button>
+        <button
+          type="button"
+          onClick={openGallery}
+          className="btn-secondary text-xs py-1 px-3"
+        >
+          Browse Gallery
+        </button>
+        {value && (
+          <button
+            type="button"
+            onClick={() => onChange('')}
+            className="text-xs text-gray-500 hover:text-gray-300 py-1 px-2"
+          >
+            Clear
+          </button>
+        )}
+      </div>
+
+      <input
+        ref={fileInputRef}
+        type="file"
+        accept="image/png,image/jpeg,image/gif,image/webp,image/svg+xml"
+        onChange={handleUpload}
+        className="hidden"
+      />
+
+      <Modal open={galleryOpen} onClose={() => setGalleryOpen(false)} title="Image Gallery">
+        {/* Filter tabs */}
+        <div className="flex gap-2 mb-4">
+          {(['all', 'uploads', 'stock'] as const).map((f) => (
+            <button
+              key={f}
+              onClick={() => setFilter(f)}
+              className={`text-xs px-3 py-1 rounded-full transition-colors ${
+                filter === f
+                  ? 'bg-primary-600 text-white'
+                  : 'bg-gray-800 text-gray-400 hover:text-white'
+              }`}
+            >
+              {f === 'all' ? 'All' : f === 'uploads' ? 'Uploads' : 'Stock'}
+            </button>
+          ))}
+        </div>
+
+        {galleryLoading ? (
+          <p className="text-gray-500 text-sm text-center py-8">Loading...</p>
+        ) : filteredGallery.length === 0 ? (
+          <p className="text-gray-500 text-sm text-center py-8">No images found</p>
+        ) : (
+          <div className="grid grid-cols-4 gap-2 max-h-80 overflow-y-auto">
+            {filteredGallery.map((img) => (
+              <button
+                key={img.url}
+                onClick={() => {
+                  onChange(img.url);
+                  setGalleryOpen(false);
+                }}
+                className={`p-1 rounded-lg border transition-all hover:border-primary-500 ${
+                  value === img.url
+                    ? 'border-primary-500 bg-primary-900/30'
+                    : 'border-gray-700 bg-gray-800'
+                }`}
+              >
+                <Image
+                  src={img.url}
+                  alt={img.name}
+                  width={80}
+                  height={80}
+                  className="w-full aspect-square object-contain rounded"
+                />
+                <span className="text-[9px] text-gray-500 truncate block mt-0.5">
+                  {img.name}
+                </span>
+              </button>
+            ))}
+          </div>
+        )}
+      </Modal>
+    </div>
+  );
+}
diff --git a/src/components/ui/Input.tsx b/src/components/ui/Input.tsx
new file mode 100644
index 0000000..3f7c426
--- /dev/null
+++ b/src/components/ui/Input.tsx
@@ -0,0 +1,31 @@
+'use client';
+
+import { InputHTMLAttributes, forwardRef } from 'react';
+
+interface InputProps extends InputHTMLAttributes<HTMLInputElement> {
+  label?: string;
+  error?: string;
+}
+
+export const Input = forwardRef<HTMLInputElement, InputProps>(
+  ({ label, error, className = '', id, ...props }, ref) => {
+    return (
+      <div className="space-y-1">
+        {label && (
+          <label htmlFor={id} className="block text-sm font-medium text-gray-300">
+            {label}
+          </label>
+        )}
+        <input
+          ref={ref}
+          id={id}
+          className={`input-field ${error ? 'border-red-500 focus:ring-red-500' : ''} ${className}`}
+          {...props}
+        />
+        {error && <p className="text-sm text-red-400">{error}</p>}
+      </div>
+    );
+  }
+);
+
+Input.displayName = 'Input';
diff --git a/src/components/ui/Modal.tsx b/src/components/ui/Modal.tsx
new file mode 100644
index 0000000..62bd291
--- /dev/null
+++ b/src/components/ui/Modal.tsx
@@ -0,0 +1,44 @@
+'use client';
+
+import { useEffect, useRef } from 'react';
+
+interface ModalProps {
+  open: boolean;
+  onClose: () => void;
+  title: string;
+  children: React.ReactNode;
+}
+
+export function Modal({ open, onClose, title, children }: ModalProps) {
+  const overlayRef = useRef<HTMLDivElement>(null);
+
+  useEffect(() => {
+    const handleEsc = (e: KeyboardEvent) => {
+      if (e.key === 'Escape') onClose();
+    };
+    if (open) document.addEventListener('keydown', handleEsc);
+    return () => document.removeEventListener('keydown', handleEsc);
+  }, [open, onClose]);
+
+  if (!open) return null;
+
+  return (
+    <div
+      ref={overlayRef}
+      className="fixed inset-0 z-50 flex items-center justify-center bg-black/60 backdrop-blur-sm"
+      onClick={(e) => {
+        if (e.target === overlayRef.current) onClose();
+      }}
+    >
+      <div className="bg-gray-900 border border-gray-700 rounded-xl shadow-2xl w-full max-w-lg mx-4 p-6">
+        <div className="flex items-center justify-between mb-4">
+          <h2 className="text-xl font-bold">{title}</h2>
+          <button onClick={onClose} className="text-gray-400 hover:text-white text-2xl leading-none">
+            &times;
+          </button>
+        </div>
+        {children}
+      </div>
+    </div>
+  );
+}
diff --git a/src/components/ui/Select.tsx b/src/components/ui/Select.tsx
new file mode 100644
index 0000000..bbece6c
--- /dev/null
+++ b/src/components/ui/Select.tsx
@@ -0,0 +1,38 @@
+'use client';
+
+import { SelectHTMLAttributes, forwardRef } from 'react';
+
+interface SelectProps extends SelectHTMLAttributes<HTMLSelectElement> {
+  label?: string;
+  error?: string;
+  options: { value: string; label: string }[];
+}
+
+export const Select = forwardRef<HTMLSelectElement, SelectProps>(
+  ({ label, error, options, className = '', id, ...props }, ref) => {
+    return (
+      <div className="space-y-1">
+        {label && (
+          <label htmlFor={id} className="block text-sm font-medium text-gray-300">
+            {label}
+          </label>
+        )}
+        <select
+          ref={ref}
+          id={id}
+          className={`input-field ${error ? 'border-red-500 focus:ring-red-500' : ''} ${className}`}
+          {...props}
+        >
+          {options.map((opt) => (
+            <option key={opt.value} value={opt.value}>
+              {opt.label}
+            </option>
+          ))}
+        </select>
+        {error && <p className="text-sm text-red-400">{error}</p>}
+      </div>
+    );
+  }
+);
+
+Select.displayName = 'Select';
diff --git a/src/components/ui/Toast.tsx b/src/components/ui/Toast.tsx
new file mode 100644
index 0000000..020c1f1
--- /dev/null
+++ b/src/components/ui/Toast.tsx
@@ -0,0 +1,53 @@
+'use client';
+
+import { createContext, useContext, useState, useCallback } from 'react';
+
+interface Toast {
+  id: string;
+  message: string;
+  type: 'success' | 'error' | 'info';
+}
+
+interface ToastContextValue {
+  addToast: (message: string, type?: Toast['type']) => void;
+}
+
+const ToastContext = createContext<ToastContextValue>({ addToast: () => {} });
+
+export function useToast() {
+  return useContext(ToastContext);
+}
+
+export function ToastProvider({ children }: { children: React.ReactNode }) {
+  const [toasts, setToasts] = useState<Toast[]>([]);
+
+  const addToast = useCallback((message: string, type: Toast['type'] = 'info') => {
+    const id = Math.random().toString(36).slice(2);
+    setToasts((prev) => [...prev, { id, message, type }]);
+    setTimeout(() => {
+      setToasts((prev) => prev.filter((t) => t.id !== id));
+    }, 4000);
+  }, []);
+
+  return (
+    <ToastContext.Provider value={{ addToast }}>
+      {children}
+      <div className="fixed bottom-4 right-4 z-50 space-y-2">
+        {toasts.map((toast) => (
+          <div
+            key={toast.id}
+            className={`px-4 py-3 rounded-lg shadow-lg text-white text-sm animate-slide-up ${
+              toast.type === 'success'
+                ? 'bg-green-600'
+                : toast.type === 'error'
+                ? 'bg-red-600'
+                : 'bg-primary-600'
+            }`}
+          >
+            {toast.message}
+          </div>
+        ))}
+      </div>
+    </ToastContext.Provider>
+  );
+}
diff --git a/src/lib/auth.ts b/src/lib/auth.ts
new file mode 100644
index 0000000..7996cc0
--- /dev/null
+++ b/src/lib/auth.ts
@@ -0,0 +1,64 @@
+import { NextAuthOptions } from 'next-auth';
+import CredentialsProvider from 'next-auth/providers/credentials';
+import { compare } from 'bcryptjs';
+import { prisma } from './prisma';
+
+export const authOptions: NextAuthOptions = {
+  providers: [
+    CredentialsProvider({
+      name: 'credentials',
+      credentials: {
+        email: { label: 'Email', type: 'email' },
+        password: { label: 'Password', type: 'password' },
+      },
+      async authorize(credentials) {
+        if (!credentials?.email || !credentials?.password) {
+          return null;
+        }
+
+        const user = await prisma.user.findUnique({
+          where: { email: credentials.email },
+        });
+
+        if (!user) {
+          return null;
+        }
+
+        const isValid = await compare(credentials.password, user.passwordHash);
+        if (!isValid) {
+          return null;
+        }
+
+        return {
+          id: user.id,
+          email: user.email,
+          name: user.name,
+          role: user.role,
+        };
+      },
+    }),
+  ],
+  session: {
+    strategy: 'jwt',
+  },
+  callbacks: {
+    async jwt({ token, user }) {
+      if (user) {
+        token.role = (user as any).role;
+        token.id = user.id;
+        token.name = user.name ?? undefined;
+      }
+      return token;
+    },
+    async session({ session, token }) {
+      if (session.user) {
+        (session.user as any).role = token.role;
+        (session.user as any).id = token.id;
+      }
+      return session;
+    },
+  },
+  pages: {
+    signIn: '/login',
+  },
+};
diff --git a/src/lib/autoEmail.ts b/src/lib/autoEmail.ts
new file mode 100644
index 0000000..74ef9e9
--- /dev/null
+++ b/src/lib/autoEmail.ts
@@ -0,0 +1,360 @@
+import { prisma } from './prisma';
+import { sendEmail, renderTemplate } from './email';
+
+async function getGameContext() {
+  const settings = await prisma.gameSettings.findUnique({
+    where: { id: 'singleton' },
+    include: { paymentMethods: true },
+  }) as any;
+
+  const gameUrl = process.env.NEXTAUTH_URL || 'http://localhost:3000';
+
+  const enabledPayments = settings?.paymentMethods?.filter((pm: any) => pm.enabled) || [];
+  const paymentMethodsText = enabledPayments.length > 0
+    ? enabledPayments.map((pm: any) => `${pm.type}: ${pm.value}`).join('\n')
+    : 'Contact the commissioner for payment details.';
+
+  return { settings, gameUrl, paymentMethodsText };
+}
+
+async function getTemplate(name: string) {
+  return prisma.emailTemplate.findUnique({ where: { name } });
+}
+
+function fireAndForget(fn: () => Promise<void>) {
+  fn().catch((err) => console.error('[AutoEmail]', err));
+}
+
+/**
+ * Send welcome email when a user registers.
+ */
+export function sendWelcomeEmail(userName: string, userEmail: string) {
+  fireAndForget(async () => {
+    const template = await getTemplate('welcome');
+    if (!template) return;
+
+    const { settings, gameUrl } = await getGameContext();
+
+    const variables: Record<string, string> = {
+      name: userName,
+      email: userEmail,
+      commissioner: settings?.commissioner || '',
+      eventName: settings?.eventName || '',
+      gameUrl,
+    };
+
+    const subject = renderTemplate(template.subject, variables);
+    const body = renderTemplate(template.body, variables);
+    await sendEmail(userEmail, subject, body);
+    console.log(`[AutoEmail] Welcome email sent to ${userEmail}`);
+  });
+}
+
+/**
+ * Send square purchase confirmation email.
+ */
+export function sendPurchaseConfirmationEmail(
+  name: string,
+  email: string,
+  positions: string[]
+) {
+  fireAndForget(async () => {
+    const template = await getTemplate('square_confirmation');
+    if (!template) return;
+
+    const { settings, gameUrl, paymentMethodsText } = await getGameContext();
+    const amountDue = ((settings?.betAmount || 10) * positions.length).toFixed(2);
+
+    const variables: Record<string, string> = {
+      name,
+      email,
+      squares: positions.join(', '),
+      amountDue,
+      commissioner: settings?.commissioner || '',
+      eventName: settings?.eventName || '',
+      gameUrl,
+      graceHours: String(settings?.graceHours || 48),
+      paymentInstructions: settings?.paymentInstructions || '',
+      paymentMethods: paymentMethodsText,
+    };
+
+    const subject = renderTemplate(template.subject, variables);
+    const body = renderTemplate(template.body, variables);
+    await sendEmail(email, subject, body);
+    console.log(`[AutoEmail] Purchase confirmation sent to ${email} for squares ${positions.join(', ')}`);
+  });
+}
+
+/**
+ * Send email when square is confirmed by admin.
+ */
+export function sendSquareConfirmedEmail(position: string) {
+  fireAndForget(async () => {
+    const square = await prisma.square.findUnique({
+      where: { position },
+      include: { user: { select: { name: true, email: true } } },
+    });
+    if (!square) return;
+
+    const email = square.user?.email || square.guestEmail;
+    const name = square.user?.name || square.guestName;
+    if (!email || !name) return;
+
+    const template = await getTemplate('square_confirmed');
+    if (!template) return;
+
+    const { settings, gameUrl } = await getGameContext();
+
+    const variables: Record<string, string> = {
+      name,
+      email,
+      squares: position,
+      commissioner: settings?.commissioner || '',
+      eventName: settings?.eventName || '',
+      gameUrl,
+    };
+
+    const subject = renderTemplate(template.subject, variables);
+    const body = renderTemplate(template.body, variables);
+    await sendEmail(email, subject, body);
+    console.log(`[AutoEmail] Square confirmed email sent to ${email} for square ${position}`);
+  });
+}
+
+/**
+ * Send email when square is released by admin.
+ */
+export function sendSquareReleasedEmail(
+  name: string,
+  email: string,
+  position: string
+) {
+  fireAndForget(async () => {
+    const template = await getTemplate('square_released');
+    if (!template) return;
+
+    const { settings, gameUrl } = await getGameContext();
+
+    const variables: Record<string, string> = {
+      name,
+      email,
+      squares: position,
+      commissioner: settings?.commissioner || '',
+      eventName: settings?.eventName || '',
+      gameUrl,
+    };
+
+    const subject = renderTemplate(template.subject, variables);
+    const body = renderTemplate(template.body, variables);
+    await sendEmail(email, subject, body);
+    console.log(`[AutoEmail] Square released email sent to ${email} for square ${position}`);
+  });
+}
+
+/**
+ * Send numbers assigned email to all participants.
+ */
+export function sendNumbersAssignedEmails() {
+  fireAndForget(async () => {
+    const template = await getTemplate('numbers_assigned');
+    if (!template) return;
+
+    const { settings, gameUrl } = await getGameContext();
+
+    // Get all unique participants
+    const squares = await prisma.square.findMany({
+      where: {
+        OR: [
+          { userId: { not: null } },
+          { guestEmail: { not: null } },
+        ],
+      },
+      include: { user: { select: { name: true, email: true } } },
+    });
+
+    const recipientMap = new Map<string, { name: string; email: string }>();
+    for (const sq of squares) {
+      const email = sq.user?.email || sq.guestEmail;
+      const name = sq.user?.name || sq.guestName;
+      if (email && name) {
+        recipientMap.set(email, { name, email });
+      }
+    }
+
+    let sent = 0;
+    for (const recipient of Array.from(recipientMap.values())) {
+      const variables: Record<string, string> = {
+        name: recipient.name,
+        email: recipient.email,
+        commissioner: settings?.commissioner || '',
+        eventName: settings?.eventName || '',
+        gameUrl,
+      };
+
+      const subject = renderTemplate(template.subject, variables);
+      const body = renderTemplate(template.body, variables);
+      try {
+        await sendEmail(recipient.email, subject, body);
+        sent++;
+      } catch (err) {
+        console.error(`[AutoEmail] Failed to send numbers assigned to ${recipient.email}:`, err);
+      }
+    }
+    console.log(`[AutoEmail] Numbers assigned emails sent to ${sent} participants`);
+  });
+}
+
+/**
+ * Send game results email when final score is entered.
+ */
+export function sendGameResultsEmails(winners: Record<string, { position: string; name: string }>) {
+  fireAndForget(async () => {
+    const template = await getTemplate('game_results');
+    if (!template) return;
+
+    const { settings, gameUrl } = await getGameContext();
+    const totalPot = (settings?.betAmount || 0) * 100;
+
+    const quarterLabels: Record<string, { label: string; pct: number }> = {
+      first: { label: 'Q1', pct: settings?.winFirstPct || 20 },
+      half: { label: 'Q2 (Half)', pct: settings?.winSecondPct || 20 },
+      third: { label: 'Q3', pct: settings?.winThirdPct || 20 },
+      final: { label: 'Final', pct: settings?.winFinalPct || 30 },
+    };
+
+    const winnerLines = Object.entries(winners).map(([key, w]) => {
+      const qi = quarterLabels[key];
+      const prize = (totalPot * qi.pct / 100).toFixed(2);
+      return `${qi.label}: ${w.name} (Square ${w.position}) - $${prize}`;
+    });
+
+    const winnersText = winnerLines.length > 0
+      ? winnerLines.join('\n')
+      : 'No winners determined yet.';
+
+    // Get all unique participants
+    const squares = await prisma.square.findMany({
+      where: {
+        OR: [
+          { userId: { not: null } },
+          { guestEmail: { not: null } },
+        ],
+      },
+      include: { user: { select: { name: true, email: true } } },
+    });
+
+    const recipientMap = new Map<string, { name: string; email: string }>();
+    for (const sq of squares) {
+      const email = sq.user?.email || sq.guestEmail;
+      const name = sq.user?.name || sq.guestName;
+      if (email && name) {
+        recipientMap.set(email, { name, email });
+      }
+    }
+
+    let sent = 0;
+    for (const recipient of Array.from(recipientMap.values())) {
+      const variables: Record<string, string> = {
+        name: recipient.name,
+        email: recipient.email,
+        winners: winnersText,
+        commissioner: settings?.commissioner || '',
+        eventName: settings?.eventName || '',
+        gameUrl,
+      };
+
+      const subject = renderTemplate(template.subject, variables);
+      const body = renderTemplate(template.body, variables);
+      try {
+        await sendEmail(recipient.email, subject, body);
+        sent++;
+      } catch (err) {
+        console.error(`[AutoEmail] Failed to send game results to ${recipient.email}:`, err);
+      }
+    }
+    console.log(`[AutoEmail] Game results emails sent to ${sent} participants`);
+  });
+}
+
+/**
+ * Check for squares approaching grace period deadline and send reminders.
+ * Called periodically from server.js.
+ */
+export async function checkPaymentReminders() {
+  try {
+    const settings = await prisma.gameSettings.findUnique({
+      where: { id: 'singleton' },
+      include: { paymentMethods: true },
+    }) as any;
+    if (!settings || !settings.graceHours) return;
+
+    const template = await getTemplate('payment_reminder');
+    if (!template) return;
+
+    const gameUrl = process.env.NEXTAUTH_URL || 'http://localhost:3000';
+    const enabledPayments = settings.paymentMethods?.filter((pm: any) => pm.enabled) || [];
+    const paymentMethodsText = enabledPayments.length > 0
+      ? enabledPayments.map((pm: any) => `${pm.type}: ${pm.value}`).join('\n')
+      : 'Contact the commissioner for payment details.';
+
+    // Find unconfirmed squares where reminder hasn't been sent
+    // and we're within 2 hours of the grace period deadline
+    const now = new Date();
+    const unconfirmed = await prisma.square.findMany({
+      where: {
+        confirmed: false,
+        reminderSent: false,
+        signupDate: { not: null },
+        OR: [
+          { userId: { not: null } },
+          { guestEmail: { not: null } },
+        ],
+      },
+      include: { user: { select: { name: true, email: true } } },
+    });
+
+    for (const sq of unconfirmed) {
+      if (!sq.signupDate) continue;
+
+      const deadline = new Date(sq.signupDate.getTime() + settings.graceHours * 60 * 60 * 1000);
+      const reminderTime = new Date(deadline.getTime() - 2 * 60 * 60 * 1000);
+
+      if (now >= reminderTime && now < deadline) {
+        const email = sq.user?.email || sq.guestEmail;
+        const name = sq.user?.name || sq.guestName;
+        if (!email || !name) continue;
+
+        const amountDue = (settings.betAmount).toFixed(2);
+        const variables: Record<string, string> = {
+          name,
+          email,
+          squares: sq.position,
+          amountDue,
+          commissioner: settings.commissioner || '',
+          eventName: settings.eventName || '',
+          gameUrl,
+          graceHours: String(settings.graceHours),
+          paymentInstructions: settings.paymentInstructions || '',
+          paymentMethods: paymentMethodsText,
+          rulesText: settings.rulesText || '',
+        };
+
+        const subject = renderTemplate(template.subject, variables);
+        const body = renderTemplate(template.body, variables);
+
+        try {
+          await sendEmail(email, subject, body);
+          await prisma.square.update({
+            where: { id: sq.id },
+            data: { reminderSent: true },
+          });
+          console.log(`[AutoEmail] Payment reminder sent to ${email} for square ${sq.position}`);
+        } catch (err) {
+          console.error(`[AutoEmail] Failed to send reminder to ${email}:`, err);
+        }
+      }
+    }
+  } catch (err) {
+    console.error('[AutoEmail] Payment reminder check error:', err);
+  }
+}
diff --git a/src/lib/email.ts b/src/lib/email.ts
new file mode 100644
index 0000000..f6baf03
--- /dev/null
+++ b/src/lib/email.ts
@@ -0,0 +1,47 @@
+import nodemailer from 'nodemailer';
+import { prisma } from './prisma';
+
+export async function getTransporter() {
+  const settings = await prisma.emailSettings.findUnique({
+    where: { id: 'singleton' },
+  });
+
+  if (!settings || !settings.smtpHost) {
+    return null;
+  }
+
+  return nodemailer.createTransport({
+    host: settings.smtpHost,
+    port: settings.smtpPort,
+    secure: settings.smtpPort === 465,
+    auth: {
+      user: settings.smtpUser,
+      pass: settings.smtpPass,
+    },
+  });
+}
+
+export async function sendEmail(to: string, subject: string, body: string) {
+  const transporter = await getTransporter();
+  if (!transporter) {
+    throw new Error('Email not configured');
+  }
+
+  const settings = await prisma.emailSettings.findUnique({
+    where: { id: 'singleton' },
+  });
+
+  return transporter.sendMail({
+    from: `"${settings?.fromName || 'Super Bowl Squares'}" <${settings?.fromEmail || 'noreply@localhost'}>`,
+    to,
+    subject,
+    text: body,
+  });
+}
+
+export function renderTemplate(
+  template: string,
+  variables: Record<string, string>
+): string {
+  return template.replace(/\{\{(\w+)\}\}/g, (_, key) => variables[key] || '');
+}
diff --git a/src/lib/prisma.ts b/src/lib/prisma.ts
new file mode 100644
index 0000000..464b14d
--- /dev/null
+++ b/src/lib/prisma.ts
@@ -0,0 +1,9 @@
+import { PrismaClient } from '@prisma/client';
+
+const globalForPrisma = globalThis as unknown as {
+  prisma: PrismaClient | undefined;
+};
+
+export const prisma = globalForPrisma.prisma ?? new PrismaClient();
+
+if (process.env.NODE_ENV !== 'production') globalForPrisma.prisma = prisma;
diff --git a/src/lib/utils.ts b/src/lib/utils.ts
new file mode 100644
index 0000000..d8f6026
--- /dev/null
+++ b/src/lib/utils.ts
@@ -0,0 +1,57 @@
+/**
+ * Generate a shuffled array of numbers 0-9
+ */
+export function generateShuffledNumbers(): number[] {
+  const numbers = [0, 1, 2, 3, 4, 5, 6, 7, 8, 9];
+  for (let i = numbers.length - 1; i > 0; i--) {
+    const j = Math.floor(Math.random() * (i + 1));
+    [numbers[i], numbers[j]] = [numbers[j], numbers[i]];
+  }
+  return numbers;
+}
+
+/**
+ * Determine the winner square position for a given quarter based on scores
+ * and the assigned grid numbers.
+ *
+ * @param nfcScore - NFC team score
+ * @param afcScore - AFC team score
+ * @param gridNumbers - Array of {position, nfcNumber, afcNumber}
+ * @returns The winning square position string (e.g. "34") or null
+ */
+export function findWinnerPosition(
+  nfcScore: number,
+  afcScore: number,
+  gridNumbers: { position: number; nfcNumber: number; afcNumber: number }[]
+): string | null {
+  const nfcLastDigit = nfcScore % 10;
+  const afcLastDigit = afcScore % 10;
+
+  const nfcRow = gridNumbers.find((g) => g.nfcNumber === nfcLastDigit);
+  const afcCol = gridNumbers.find((g) => g.afcNumber === afcLastDigit);
+
+  if (!nfcRow || !afcCol) return null;
+
+  // Position is row (NFC) + col (AFC)
+  return `${nfcRow.position}${afcCol.position}`;
+}
+
+/**
+ * Format currency
+ */
+export function formatCurrency(amount: number): string {
+  return new Intl.NumberFormat('en-US', {
+    style: 'currency',
+    currency: 'USD',
+  }).format(amount);
+}
+
+/**
+ * Get display name for a square (user name or guest name)
+ */
+export function getSquareDisplayName(square: {
+  user?: { name: string } | null;
+  guestName?: string | null;
+}): string {
+  return square.user?.name || square.guestName || '';
+}
diff --git a/src/lib/ws.tsx b/src/lib/ws.tsx
new file mode 100644
index 0000000..d15c461
--- /dev/null
+++ b/src/lib/ws.tsx
@@ -0,0 +1,117 @@
+'use client';
+
+import { createContext, useContext, useEffect, useRef, useState, useCallback, type ReactNode } from 'react';
+
+interface ChatMsg {
+  id: string;
+  userName: string;
+  message: string;
+  createdAt: string;
+}
+
+interface WebSocketContextValue {
+  messages: ChatMsg[];
+  connected: boolean;
+  sendMessage: (message: string, userId?: string) => void;
+  deleteMessage: (messageId: string, userId?: string) => void;
+  squaresVersion: number;
+  notifySquaresChanged: () => void;
+}
+
+const WebSocketContext = createContext<WebSocketContextValue>({
+  messages: [],
+  connected: false,
+  sendMessage: () => {},
+  deleteMessage: () => {},
+  squaresVersion: 0,
+  notifySquaresChanged: () => {},
+});
+
+export function WebSocketProvider({ children }: { children: ReactNode }) {
+  const wsRef = useRef<WebSocket | null>(null);
+  const reconnectTimeoutRef = useRef<ReturnType<typeof setTimeout> | null>(null);
+  const [messages, setMessages] = useState<ChatMsg[]>([]);
+  const [connected, setConnected] = useState(false);
+  const [squaresVersion, setSquaresVersion] = useState(0);
+
+  useEffect(() => {
+    function createSocket() {
+      const protocol = window.location.protocol === 'https:' ? 'wss:' : 'ws:';
+      const ws = new WebSocket(`${protocol}//${window.location.host}/ws/chat`);
+      wsRef.current = ws;
+
+      ws.onopen = () => setConnected(true);
+
+      ws.onclose = () => {
+        setConnected(false);
+        wsRef.current = null;
+        reconnectTimeoutRef.current = setTimeout(() => {
+          createSocket();
+        }, 3000);
+      };
+
+      ws.onerror = () => {
+        // Let onclose handle reconnection
+      };
+
+      ws.onmessage = (event) => {
+        try {
+          const data = JSON.parse(event.data);
+          if (data.type === 'chat:history') {
+            setMessages(data.messages);
+          } else if (data.type === 'chat:message') {
+            setMessages((prev) => [...prev, data.message]);
+          } else if (data.type === 'chat:delete') {
+            setMessages((prev) => prev.filter((m) => m.id !== data.messageId));
+          } else if (data.type === 'squares:refresh') {
+            setSquaresVersion((v) => v + 1);
+          }
+        } catch {
+          // ignore invalid messages
+        }
+      };
+    }
+
+    createSocket();
+
+    return () => {
+      if (reconnectTimeoutRef.current) {
+        clearTimeout(reconnectTimeoutRef.current);
+        reconnectTimeoutRef.current = null;
+      }
+      if (wsRef.current) {
+        wsRef.current.onclose = null;
+        wsRef.current.close();
+        wsRef.current = null;
+      }
+    };
+  }, []);
+
+  const sendMessage = useCallback((message: string, userId?: string) => {
+    if (wsRef.current?.readyState === WebSocket.OPEN) {
+      wsRef.current.send(JSON.stringify({ type: 'chat:message', message, userId }));
+    }
+  }, []);
+
+  const deleteMessage = useCallback((messageId: string, userId?: string) => {
+    if (wsRef.current?.readyState === WebSocket.OPEN) {
+      wsRef.current.send(JSON.stringify({ type: 'chat:delete', messageId, userId }));
+    }
+  }, []);
+
+  const notifySquaresChanged = useCallback(() => {
+    if (wsRef.current?.readyState === WebSocket.OPEN) {
+      wsRef.current.send(JSON.stringify({ type: 'squares:changed' }));
+    }
+  }, []);
+
+  return (
+    <WebSocketContext.Provider value={{ messages, connected, sendMessage, deleteMessage, squaresVersion, notifySquaresChanged }}>
+      {children}
+    </WebSocketContext.Provider>
+  );
+}
+
+export function useWebSocket() {
+  return useContext(WebSocketContext);
+}
diff --git a/src/middleware.ts b/src/middleware.ts
new file mode 100644
index 0000000..82c4e05
--- /dev/null
+++ b/src/middleware.ts
@@ -0,0 +1,56 @@
+import { withAuth } from 'next-auth/middleware';
+import { NextResponse } from 'next/server';
+
+export default withAuth(
+  function middleware(req) {
+    const { pathname } = req.nextUrl;
+    const token = req.nextauth.token;
+
+    // Admin routes require ADMIN or VIEWER role
+    if (pathname.startsWith('/admin')) {
+      if (token?.role !== 'ADMIN' && token?.role !== 'VIEWER') {
+        return NextResponse.redirect(new URL('/login', req.url));
+      }
+    }
+
+    // My-squares requires PLAYER or higher
+    if (pathname.startsWith('/my-squares')) {
+      if (!token?.role) {
+        return NextResponse.redirect(new URL('/login', req.url));
+      }
+    }
+
+    return NextResponse.next();
+  },
+  {
+    callbacks: {
+      authorized: ({ token, req }) => {
+        const { pathname } = req.nextUrl;
+        // Allow public routes without auth
+        if (
+          pathname === '/' ||
+          pathname === '/login' ||
+          pathname === '/register' ||
+          pathname === '/signup' ||
+          pathname === '/setup' ||
+          pathname.startsWith('/api/auth') ||
+          pathname.startsWith('/api/setup') ||
+          pathname.startsWith('/api/squares') ||
+          pathname.startsWith('/api/users') ||
+          pathname.startsWith('/_next') ||
+          pathname.startsWith('/images')
+        ) {
+          return true;
+        }
+        // All other routes require authentication
+        return !!token;
+      },
+    },
+  }
+);
+
+export const config = {
+  matcher: [
+    '/((?!_next/static|_next/image|favicon.ico|images).*)',
+  ],
+};
diff --git a/src/types/index.ts b/src/types/index.ts
new file mode 100644
index 0000000..2549168
--- /dev/null
+++ b/src/types/index.ts
@@ -0,0 +1,26 @@
+import { Role } from '@prisma/client';
+
+export interface SessionUser {
+  id: string;
+  name: string;
+  email: string;
+  role: Role;
+}
+
+declare module 'next-auth' {
+  interface Session {
+    user: SessionUser;
+  }
+
+  interface User {
+    role: Role;
+  }
+}
+
+declare module 'next-auth/jwt' {
+  interface JWT {
+    role: Role;
+    id: string;
+    name?: string;
+  }
+}
diff --git a/tailwind.config.ts b/tailwind.config.ts
new file mode 100644
index 0000000..03666a8
--- /dev/null
+++ b/tailwind.config.ts
@@ -0,0 +1,53 @@
+import type { Config } from 'tailwindcss';
+
+const config: Config = {
+  content: [
+    './src/pages/**/*.{js,ts,jsx,tsx,mdx}',
+    './src/components/**/*.{js,ts,jsx,tsx,mdx}',
+    './src/app/**/*.{js,ts,jsx,tsx,mdx}',
+  ],
+  theme: {
+    extend: {
+      colors: {
+        primary: {
+          50: '#eff6ff',
+          100: '#dbeafe',
+          200: '#bfdbfe',
+          300: '#93c5fd',
+          400: '#60a5fa',
+          500: '#3b82f6',
+          600: '#2563eb',
+          700: '#1d4ed8',
+          800: '#1e40af',
+          900: '#1e3a8a',
+          950: '#172554',
+        },
+        accent: {
+          50: '#fdf4ff',
+          100: '#fae8ff',
+          200: '#f5d0fe',
+          300: '#f0abfc',
+          400: '#e879f9',
+          500: '#d946ef',
+          600: '#c026d3',
+          700: '#a21caf',
+          800: '#86198f',
+          900: '#701a75',
+        },
+        success: '#22c55e',
+        warning: '#f59e0b',
+        danger: '#ef4444',
+      },
+      boxShadow: {
+        'glow-sm': '0 0 10px rgba(59, 130, 246, 0.15)',
+        'glow': '0 0 20px rgba(59, 130, 246, 0.2)',
+        'glow-lg': '0 0 30px rgba(59, 130, 246, 0.25)',
+        'glow-green': '0 0 15px rgba(34, 197, 94, 0.15)',
+        'glow-amber': '0 0 15px rgba(245, 158, 11, 0.15)',
+      },
+    },
+  },
+  plugins: [],
+};
+
+export default config;
diff --git a/tsconfig.json b/tsconfig.json
new file mode 100644
index 0000000..e2b0782
--- /dev/null
+++ b/tsconfig.json
@@ -0,0 +1,20 @@
+{
+  "compilerOptions": {
+    "lib": ["dom", "dom.iterable", "esnext"],
+    "allowJs": true,
+    "skipLibCheck": true,
+    "strict": true,
+    "noEmit": true,
+    "esModuleInterop": true,
+    "module": "esnext",
+    "moduleResolution": "bundler",
+    "resolveJsonModule": true,
+    "isolatedModules": true,
+    "jsx": "preserve",
+    "incremental": true,
+    "plugins": [{ "name": "next" }],
+    "paths": { "@/*": ["./src/*"] }
+  },
+  "include": ["next-env.d.ts", "**/*.ts", "**/*.tsx", ".next/types/**/*.ts"],
+  "exclude": ["node_modules"]
+}