diff --git a/admin.php b/admin.php
new file mode 100644
index 0000000..2543d8b
--- /dev/null
+++ b/admin.php
@@ -0,0 +1,56 @@
+<?php
+require 'db.php';
+session_start();
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $username = $_POST['username'];
+    $password = $_POST['password'];
+
+    $stmt = $pdo->prepare("SELECT * FROM admin_users WHERE username = :username");
+    $stmt->execute(['username' => $username]);
+    $user = $stmt->fetch();
+
+    if ($user) {
+        // Check if the password matches using bcrypt
+        if (password_verify($password, $user['password_hash'])) {
+            $_SESSION['admin_logged_in'] = true;
+            header('Location: admin_portal.php');
+            exit;
+        } 
+        // Check if the password matches using SHA-256 (legacy support)
+        elseif (hash('sha256', $password) === $user['password_hash']) {
+            // Rehash the password with bcrypt for future logins
+            $new_hash = password_hash($password, PASSWORD_BCRYPT);
+            $update_stmt = $pdo->prepare("UPDATE admin_users SET password_hash = :new_hash WHERE id = :id");
+            $update_stmt->execute(['new_hash' => $new_hash, 'id' => $user['id']]);
+
+            $_SESSION['admin_logged_in'] = true;
+            header('Location: admin_portal.php');
+            exit;
+        }
+    }
+
+    // If neither bcrypt nor SHA-256 matched
+    $error = "Invalid username or password.";
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Admin Login</title>
+</head>
+<body>
+    <h1>Admin Login</h1>
+    <?php if (isset($error)): ?>
+        <p style="color: red;"><?= htmlspecialchars($error) ?></p>
+    <?php endif; ?>
+    <form method="POST">
+        <label>Username: <input type="text" name="username" required></label><br>
+        <label>Password: <input type="password" name="password" required></label><br>
+        <button type="submit">Login</button>
+    </form>
+</body>
+</html>
diff --git a/admin_login.php b/admin_login.php
new file mode 100644
index 0000000..1719036
--- /dev/null
+++ b/admin_login.php
@@ -0,0 +1,65 @@
+<?php
+require 'db.php';
+session_start();
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $username = $_POST['username'];
+    $password = $_POST['password'];
+
+    $stmt = $pdo->prepare("SELECT * FROM admin_users WHERE username = :username");
+    $stmt->execute(['username' => $username]);
+    $user = $stmt->fetch();
+
+    if ($user) {
+        // Check if the password matches using bcrypt
+        if (password_verify($password, $user['password_hash'])) {
+            $_SESSION['admin_logged_in'] = true;
+            header('Location: admin_portal.php');
+            exit;
+        } 
+        // Check if the password matches using SHA-256 (legacy support)
+        elseif (hash('sha256', $password) === $user['password_hash']) {
+            // Rehash the password with bcrypt for future logins
+            $new_hash = password_hash($password, PASSWORD_BCRYPT);
+            $update_stmt = $pdo->prepare("UPDATE admin_users SET password_hash = :new_hash WHERE id = :id");
+            $update_stmt->execute(['new_hash' => $new_hash, 'id' => $user['id']]);
+
+            $_SESSION['admin_logged_in'] = true;
+            header('Location: admin_portal.php');
+            exit;
+        }
+    }
+
+    // If neither bcrypt nor SHA-256 matched
+    $error = "Invalid username or password.";
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+	<meta name="viewport" content="width=device-width, initial-scale=1.0">
+	<link rel="stylesheet" href="/css/main.css">
+    <title>Restaurant Picker - Admin Login</title>
+</head>
+<body>
+  <div class="login">
+    <?php include "header.php"; ?>
+    <h2>Admin Login</h2>
+    <?php if (!empty($error)): ?>
+        <p style="color: red;"><?= htmlspecialchars($error) ?></p>
+    <?php endif; ?>
+    <form method="POST">
+        <!--<label for="text">Username:</label>
+        <input type="text" name="username" id="username" required> -->
+		<input type="text" name="username" id="username" placeholder="Username" required /><br>
+        <br>
+        <!--<label for="password">Password:</label>
+        <input type="password" name="password" id="password" required> -->
+		<input type="password" name="password" id="password" placeholder="Password" required /><br>
+        <br>
+        <button class="btn btn-primary btn-block btn-large" type="submit">Login</button>
+    </form>
+</body>
+</html>
diff --git a/admin_portal.php b/admin_portal.php
new file mode 100644
index 0000000..4257163
--- /dev/null
+++ b/admin_portal.php
@@ -0,0 +1,85 @@
+<?php
+require 'db.php';
+session_start();
+
+if (!isset($_SESSION['admin_logged_in']) || !$_SESSION['admin_logged_in']) {
+    header('Location: admin_login.php');
+    exit;
+}
+
+// Handle Form Submission (Adding a New Restaurant)
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && empty($_GET['edit_id'])) {
+    $name = $_POST['name'];
+    $google_map_link = $_POST['google_map_link'];
+//    $google_map_link = urlencode($_POST['google_map_link']); - tried to remove invalid characters, but affected the :// in URL
+    $menu_link = $_POST['menu_link'];
+    $cost_category = $_POST['cost_category'];
+    $food_type = $_POST['food_type'];
+    $food_type_subcategory = $_POST['food_type_subcategory'];
+
+    $stmt = $pdo->prepare("
+        INSERT INTO restaurants (name, google_map_link, menu_link, cost_category, food_type, food_type_subcategory)
+        VALUES (:name, :google_map_link, :menu_link, :cost_category, :food_type, :food_type_subcategory)
+    ");
+    $stmt->execute([
+        'name' => $name,
+        'google_map_link' => $google_map_link,
+        'menu_link' => $menu_link,
+        'cost_category' => $cost_category,
+        'food_type' => $food_type,
+        'food_type_subcategory' => $food_type_subcategory,
+    ]);
+    $success = "Restaurant added successfully!";
+}
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+	<link rel="stylesheet" href="/css/main.css">
+    <title>Admin Portal</title>
+</head>
+<body>
+  <div class="login">
+<?php include "header.php"; ?>
+    <?php if (!empty($success)): ?>
+        <p style="color: green;"><?= htmlspecialchars($success) ?></p>
+    <?php endif; ?>
+    
+    <h2>Add New Restaurant</h2>
+    <form method="POST">
+        <label for="cost_category">Cost Category:</label>
+        <select class="minimal" name="cost_category" id="cost_category" required>
+            <option value="cheap">Cheap</option>
+            <option value="moderate">Moderate</option>
+            <option value="expensive">Expensive</option>
+        </select><br>
+		<br>
+		
+		<!--<label for="name">Restaurant Name:</label>
+        <input type="text" name="name" id="name" required><br> -->
+		<input type="text" name="name" placeholder="Restaurant Name" id="name" required /><br>
+        
+        <!--<label for="google_map_link">Google Map Link:</label>
+        <input type="url" name="google_map_link" id="google_map_link" required><br> -->
+		<input type="url" name="google_map_link" placeholder="Google Map Link" id="google_map_link" required /><br>
+        
+        <!--<label for="menu_link">Menu Link (optional):</label>
+        <input type="url" name="menu_link" id="menu_link"><br> -->
+		<input type="url" name="menu_link" placeholder="Menu Link (optional)" id="menu_link"/><br>
+        
+        <!--<label for="food_type">Food Type:</label>
+        <input type="text" name="food_type" id="food_type" required><br> -->
+        <input type="text" name="food_type" placeholder="Food Type" id="food_type" required /><br>
+		
+        <!--<label for="food_type_subcategory">Food Type Subcategory (optional):</label>
+        <input type="text" name="food_type_subcategory" id="food_type_subcategory"><br> -->
+		<input type="text" name="food_type_subcategory" placeholder="Keywords (comma seperated)" id="food_type_subcategory" required /><br>
+        
+        <button class="btn btn-primary btn-block btn-large" type="submit">Add Restaurant</button>
+    </form>
+</div>
+</body>
+</html>
diff --git a/dynamic_login_link.php b/dynamic_login_link.php
new file mode 100644
index 0000000..0f8cab7
--- /dev/null
+++ b/dynamic_login_link.php
@@ -0,0 +1,21 @@
+<?php
+// Start the session if not already started
+if (session_status() === PHP_SESSION_NONE) {
+    session_start();
+}
+
+// Check if the user is logged in and display the appropriate link
+if (isset($_SESSION['admin_logged_in']) && $_SESSION['admin_logged_in'] === true) {
+    echo '
+<table width="600" border="0">
+  <tbody>
+    <tr>
+      <td width="103"><a href="index.php">Home</a></td>
+	  <td width="163"><a href="admin_portal.php">Add Restaurants</a></td>
+	  <td width="208"><a href="manage.php">Manage Restaurants</a></td>
+  </tbody>
+</table>';
+} else {
+    echo '<a href="admin_login.php">Login</a>';
+}
+?>
\ No newline at end of file
diff --git a/edit_restaurant.php b/edit_restaurant.php
new file mode 100644
index 0000000..003af44
--- /dev/null
+++ b/edit_restaurant.php
@@ -0,0 +1,88 @@
+<?php
+require 'db.php';
+session_start();
+
+if (!isset($_SESSION['admin_logged_in']) || !$_SESSION['admin_logged_in']) {
+    header('Location: admin_login.php');
+    exit;
+}
+
+$id = $_GET['id'];
+$stmt = $pdo->prepare("SELECT * FROM restaurants WHERE id = :id");
+$stmt->execute(['id' => $id]);
+$restaurant = $stmt->fetch();
+
+if (!$restaurant) {
+    echo "Restaurant not found.";
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $name = $_POST['name'];
+    $google_map_link = $_POST['google_map_link'];
+    $menu_link = $_POST['menu_link'];
+    $cost_category = $_POST['cost_category'];
+    $food_type = $_POST['food_type'];
+    $food_type_subcategory = $_POST['food_type_subcategory'];
+
+    $stmt = $pdo->prepare("
+        UPDATE restaurants
+        SET name = :name, google_map_link = :google_map_link, menu_link = :menu_link,
+            cost_category = :cost_category, food_type = :food_type, food_type_subcategory = :food_type_subcategory
+        WHERE id = :id
+    ");
+    $stmt->execute([
+        'name' => $name,
+        'google_map_link' => $google_map_link,
+        'menu_link' => $menu_link,
+        'cost_category' => $cost_category,
+        'food_type' => $food_type,
+        'food_type_subcategory' => $food_type_subcategory,
+        'id' => $id,
+    ]);
+
+    header('Location: manage.php');
+    exit;
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+	<link rel="stylesheet" href="/css/main.css">
+    <title>Restaurant Picker - Edit Restaurant</title>
+</head>
+<body>
+  <div class="login">
+<?php include "header.php"; ?>
+    <h2>Edit Restaurant</h2>
+    <form method="POST">
+		<label for="cost_category">Price:&nbsp;</label>
+        <select class="minimal" name="cost_category" id="cost_category" required>
+            <option value="cheap" <?= $restaurant['cost_category'] === 'cheap' ? 'selected' : '' ?>>Cheap</option>
+            <option value="moderate" <?= $restaurant['cost_category'] === 'moderate' ? 'selected' : '' ?>>Moderate</option>
+            <option value="expensive" <?= $restaurant['cost_category'] === 'expensive' ? 'selected' : '' ?>>Expensive</option>
+        </select><br>
+		<br />
+		
+        <label for="name">Restaurant Name:</label>
+        <input type="text" name="name" id="name" value="<?= htmlspecialchars($restaurant['name']) ?>" required><br>
+        
+        <label for="google_map_link">Google Map Link:</label>
+        <input type="url" name="google_map_link" id="google_map_link" value="<?= htmlspecialchars($restaurant['google_map_link']) ?>" required><br>
+        
+        <label for="menu_link">Menu Link (optional):</label>
+        <input type="url" name="menu_link" id="menu_link" value="<?= htmlspecialchars($restaurant['menu_link']) ?>"><br>
+        
+        <label for="food_type">Food Type:</label>
+        <input type="text" name="food_type" id="food_type" value="<?= htmlspecialchars($restaurant['food_type']) ?>" required><br>
+        
+        <label for="food_type_subcategory">Food Type Subcategory (optional):</label>
+        <input type="text" name="food_type_subcategory" id="food_type_subcategory" value="<?= htmlspecialchars($restaurant['food_type_subcategory']) ?>"><br>
+        
+        <button class="btn btn-primary btn-block btn-large" type="submit">Update Restaurant</button>
+    </form>
+</div>
+</body>
+</html>
diff --git a/header.php b/header.php
new file mode 100644
index 0000000..0d83108
--- /dev/null
+++ b/header.php
@@ -0,0 +1,26 @@
+	<p align="center"><img src="images/restaurant_logo.png" width="150" align="middle"></src></p>
+    <h1>Restaurant Picker</h1>
+<?php
+// Start the session if not already started
+if (session_status() === PHP_SESSION_NONE) {
+    session_start();
+}
+
+// Check if the user is logged in and display the appropriate link
+if (isset($_SESSION['admin_logged_in']) && $_SESSION['admin_logged_in'] === true) {
+    echo '
+<table border="0">
+  <tbody>
+    <tr>
+      <td width="103"><a href="index.php">Home</a></td>
+	  <td width="180"><a href="admin_portal.php">Add Restaurants</a></td>
+	  <td width="208"><a href="manage.php">Manage Restaurants</a></td>
+	  <td width="208"><a href="usradm.php">Manage Users</a></td>
+	  <td width="208"><a href="logout.php">Log Out</a></td>
+  </tbody>
+</table>';
+} else {
+    echo '<p align="right"><a href="admin_login.php">Admin</a></p>';
+}
+?>
+<br />
\ No newline at end of file
diff --git a/index.php b/index.php
new file mode 100644
index 0000000..6163c00
--- /dev/null
+++ b/index.php
@@ -0,0 +1,144 @@
+<?php
+require 'db.php';
+session_start();
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $cost_category = $_POST['cost_category'] ?? '';
+    $food_type = $_POST['food_type'] ?? '';
+    $food_type_subcategory = $_POST['food_type_subcategory'] ?? '';
+
+    // Start building the query
+    $query = "SELECT * FROM restaurants WHERE 1=1";  // Always true condition to avoid extra WHERE clauses
+    $params = [];
+
+    // Only apply the cost category filter if it's not 'any'
+    if ($cost_category && $cost_category !== 'any') {
+        $query .= " AND cost_category = :cost_category";
+        $params['cost_category'] = $cost_category;
+    }
+
+    // Only apply the food type filter if it's not 'any'
+    if ($food_type && $food_type !== 'any') {
+        $query .= " AND food_type = :food_type";
+        $params['food_type'] = $food_type;
+    }
+
+    // Apply the food type subcategory filter if provided
+    if (!empty($food_type_subcategory)) {
+        // Split the subcategory into keywords by commas and trim any spaces
+        $keywords = array_map('trim', explode(',', $food_type_subcategory));
+
+        // Create an array of LIKE conditions for each keyword
+        $subquery = [];
+        foreach ($keywords as $index => $keyword) {
+            // Use LIKE to match the subcategory
+            $subquery[] = "food_type_subcategory LIKE :food_type_subcategory_{$index}";
+            $params["food_type_subcategory_{$index}"] = "%{$keyword}%";
+        }
+
+        // Join the subqueries with OR to match any of the keywords
+        $query .= " AND (" . implode(' OR ', $subquery) . ")";
+    }
+
+    // Random selection with a limit of 1 result
+    $query .= " ORDER BY RAND() LIMIT 1";
+
+    // Prepare and execute the query
+    $stmt = $pdo->prepare($query);
+    $stmt->execute($params);
+    $restaurant = $stmt->fetch();
+}
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+	<link rel="stylesheet" href="/css/main.css">
+    <title>Restaurant Picker</title>
+    <script>
+        document.addEventListener("DOMContentLoaded", () => {
+            const subcategoryInput = document.getElementById("food_type_subcategory");
+
+            subcategoryInput.addEventListener("input", () => {
+                const query = subcategoryInput.value;
+                if (query.length < 2) return;
+
+                fetch(`subcategory_suggestions.php?q=${encodeURIComponent(query)}`)
+                    .then(response => response.json())
+                    .then(data => {
+                        const datalist = document.getElementById("subcategorySuggestions");
+                        datalist.innerHTML = "";
+                        data.forEach(keyword => {
+                            const option = document.createElement("option");
+                            option.value = keyword;
+                            datalist.appendChild(option);
+                        });
+                    });
+            });
+        });
+    </script>
+</head>
+<body>
+  <div class="login">
+<?php include "header.php"; ?>
+    <form method="post">
+        <label for="cost_category">Price:&nbsp;</label>
+      <select class="minimal" name="cost_category" id="cost_category" required>
+            <option value="any">Any</option>
+            <option value="cheap">Cheap</option>
+            <option value="moderate">Moderate</option>
+            <option value="expensive">Expensive</option>
+      </select><br>
+	  <br />
+        <label for="food_type">Cuisine:&nbsp;</label>
+      <select class="minimal" name="food_type" id="food_type" required>
+            <option value="any">Any</option>
+            <?php
+            $types = $pdo->query("SELECT DISTINCT food_type FROM restaurants")->fetchAll();
+            foreach ($types as $type) {
+                echo "<option value=\"" . htmlspecialchars($type['food_type']) . "\">" . htmlspecialchars($type['food_type']) . "</option>";
+            }
+            ?>
+        </select><br>
+		<br />
+		<input type="text" name="food_type_subcategory" placeholder="Keyword(s)" id="food_type_subcategory" list="subcategorySuggestions" />
+        <datalist id="subcategorySuggestions"></datalist><br>
+
+        <button type="submit" class="btn btn-primary btn-block btn-large">Find Restaurant</button>
+    </form>
+
+    <?php if (!empty($restaurant)): ?>
+        <h3>Selected Restaurant:</h3>
+    <p><h2><b><?= htmlspecialchars($restaurant['name']) ?>&nbsp;<img src="images/arrow_sm.png"></img></b></h2></p>
+        <p><a href="<?= htmlspecialchars($restaurant['menu_link']) ?>" target="_blank">View Menu</a></p>
+<?php
+// Extract the base URL and the query parameters
+$baseUrl = "https://www.google.com/maps/embed";
+$queryString = parse_url($restaurant['google_map_link'], PHP_URL_QUERY);
+
+// Encode the query string only
+$encodedQuery = urlencode($queryString);
+
+// Rebuild the final URL
+$finalMapUrl = $baseUrl . "?pb=" . $encodedQuery;
+?>
+<p align="center">
+<iframe
+    src="<?= htmlspecialchars($restaurant['google_map_link']) ?>" 
+    width="600" 
+    height="450" 
+    style="border:0;" 
+    allowfullscreen="" 
+    loading="lazy">
+</iframe>
+<br />
+<br />
+</p>
+    <?php else: ?>
+        <p>No results found based on your criteria.</p>
+    <?php endif; ?>
+<br />
+  </div>
+</body>
+</html>
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..2b8f290
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,6 @@
+<?php
+session_start();
+session_destroy();
+header('Location: index.php');
+exit;
+?>
diff --git a/manage.php b/manage.php
new file mode 100644
index 0000000..30e84b1
--- /dev/null
+++ b/manage.php
@@ -0,0 +1,69 @@
+<?php
+require 'db.php';
+session_start();
+
+if (!isset($_SESSION['admin_logged_in']) || !$_SESSION['admin_logged_in']) {
+    header('Location: admin_login.php');
+    exit;
+}
+
+// Handle Delete Request
+if (isset($_GET['delete_id'])) {
+    $delete_id = $_GET['delete_id'];
+    $stmt = $pdo->prepare("DELETE FROM restaurants WHERE id = :id");
+    $stmt->execute(['id' => $delete_id]);
+    header('Location: admin_portal.php');
+    exit;
+}
+
+// Fetch Restaurants for Display
+$restaurants = $pdo->query("SELECT * FROM restaurants")->fetchAll();
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+	<link rel="stylesheet" href="/css/main.css">
+    <title>Admin Portal</title>
+</head>
+<body>
+  <div class="login">
+<?php include "header.php"; ?>
+    <h2>Manage Restaurants</h2>
+    <?php if (!empty($success)): ?>
+        <p style="color: green;"><?= htmlspecialchars($success) ?></p>
+    <?php endif; ?>
+    <table border="1">
+        <tr>
+            <th>Name</th>
+            <th>Menu Link</th>
+            <th>Cost Category</th>
+            <th>Food Type</th>
+            <th>Subcategory</th>
+            <th>Actions</th>
+        </tr>
+        <?php foreach ($restaurants as $restaurant): ?>
+        <tr>
+            <td><?= htmlspecialchars($restaurant['name']) ?></td>
+            <td>
+                <?php if ($restaurant['menu_link']): ?>
+                    <a href="<?= htmlspecialchars($restaurant['menu_link']) ?>" target="_blank">View Menu</a>
+                <?php else: ?>
+                    N/A
+                <?php endif; ?>
+            </td>
+            <td><?= htmlspecialchars($restaurant['cost_category']) ?></td>
+            <td><?= htmlspecialchars($restaurant['food_type']) ?></td>
+            <td><?= htmlspecialchars($restaurant['food_type_subcategory']) ?></td>
+            <td>
+                <a href="edit_restaurant.php?id=<?= $restaurant['id'] ?>">Edit</a>
+                |
+                <a href="?delete_id=<?= $restaurant['id'] ?>" onclick="return confirm('Are you sure you want to delete this restaurant?');">Delete</a>
+            </td>
+        </tr>
+        <?php endforeach; ?>
+    </table>
+</div>
+</body>
+</html>
diff --git a/subcategory_suggestions.php b/subcategory_suggestions.php
new file mode 100644
index 0000000..745f75c
--- /dev/null
+++ b/subcategory_suggestions.php
@@ -0,0 +1,26 @@
+<?php
+require 'db.php';
+
+$query = $_GET['q'] ?? '';
+$suggestions = [];
+
+if (!empty($query)) {
+    $stmt = $pdo->prepare("
+        SELECT DISTINCT food_type_subcategory
+        FROM restaurants
+        WHERE food_type_subcategory LIKE :query
+    ");
+    $stmt->execute(['query' => "%$query%"]);
+
+    while ($row = $stmt->fetch()) {
+        $keywords = array_map('trim', explode(',', $row['food_type_subcategory']));
+        foreach ($keywords as $keyword) {
+            if (stripos($keyword, $query) !== false && !in_array($keyword, $suggestions)) {
+                $suggestions[] = $keyword;
+            }
+        }
+    }
+}
+
+header('Content-Type: application/json');
+echo json_encode($suggestions);
diff --git a/usradm.php b/usradm.php
new file mode 100644
index 0000000..65b9492
--- /dev/null
+++ b/usradm.php
@@ -0,0 +1,122 @@
+<?php
+require 'db.php';
+session_start();
+
+if (!isset($_SESSION['admin_logged_in']) || !$_SESSION['admin_logged_in']) {
+    header('Location: admin_login.php');
+    exit;
+}
+
+// Handle adding a new user
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'add_user') {
+    $username = $_POST['username'];
+    $password = $_POST['password_hash'];
+
+    // Hash the password for secure storage
+    $password_hash = password_hash($password, PASSWORD_BCRYPT);
+
+    try {
+        $stmt = $pdo->prepare("INSERT INTO admin_users (username, password_hash) VALUES (:username, :password_hash)");
+        $stmt->execute(['username' => $username, 'password_hash' => $password_hash]);
+        $message = "User added successfully!";
+    } catch (PDOException $e) {
+        $message = "Error: " . $e->getMessage();
+    }
+}
+
+// Handle deleting a user
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'delete_user') {
+    $user_id = $_POST['user_id'];
+
+    try {
+        $stmt = $pdo->prepare("DELETE FROM admin_users WHERE id = :id");
+        $stmt->execute(['id' => $user_id]);
+        $message = "User deleted successfully!";
+    } catch (PDOException $e) {
+        $message = "Error: " . $e->getMessage();
+    }
+}
+
+// Handle updating a user's password
+if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['action']) && $_POST['action'] === 'update_password') {
+    $user_id = $_POST['user_id'];
+    $new_password = $_POST['new_password'];
+
+    // Hash the new password
+    $password_hash = password_hash($new_password, PASSWORD_BCRYPT);
+
+    try {
+        $stmt = $pdo->prepare("UPDATE admin_users SET password_hash = :password_hash WHERE id = :id");
+        $stmt->execute(['password_hash' => $password_hash, 'id' => $user_id]);
+        $message = "Password updated successfully!";
+    } catch (PDOException $e) {
+        $message = "Error: " . $e->getMessage();
+    }
+}
+
+// Fetch all users
+$users = $pdo->query("SELECT id, username FROM admin_users")->fetchAll(PDO::FETCH_ASSOC);
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+	<link rel="stylesheet" href="/css/main.css">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Admin - User Management</title>
+</head>
+<body>
+ <div class="login">
+ 	<?php include "header.php"; ?>
+    <h2>Admin - User Management</h2>
+    <?php if (isset($message)): ?>
+        <p style="color:green;"><?= htmlspecialchars($message) ?></p>
+    <?php endif; ?>
+
+    <h3>Add a New User</h3>
+    <form method="POST">
+        <input type="hidden" name="action" value="add_user">
+        <!-- <label>Username: <input type="text" name="username" required></label><br> -->
+	  <input type="text" name="username" placeholder="Username" required /><br>
+        <!-- <label>Password: <input type="password" name="password" required></label><br> -->
+		<input type="password" name="password" placeholder="Password" required /><br>
+        <button class="btn btn-primary btn-block btn-large" type="submit">Add User</button>
+    </form>
+
+    <h3>Existing Users</h3>
+    <table width="800" border="1">
+        <tr>
+            <th width="17">ID</th>
+            <th width="82">Username</th>
+            <th width="66">Actions</th>
+			<th width="66">Password</th>
+        </tr>
+        <?php foreach ($users as $user): ?>
+        <tr>
+            <td><?= htmlspecialchars($user['id']) ?></td>
+            <td><?= htmlspecialchars($user['username']) ?></td>
+            <td>
+                <!-- Delete User -->
+                <form method="POST" style="display:inline;">
+                    <input type="hidden" name="action" value="delete_user">
+                    <input type="hidden" name="user_id" value="<?= $user['id'] ?>">
+                    <button class="btn btn-primary btn-block btn-large" type="submit" style="color:red;" onclick="return confirm('Are you sure you want to delete this restaurant?');">Delete</button>
+                </form>
+			</td>
+			<td width="362">
+                <!-- Update Password -->
+                <form method="POST" style="display:inline;">
+                    <input type="hidden" name="action" value="update_password">
+                    <input type="hidden" name="user_id" value="<?= $user['id'] ?>">
+                    <!-- <label>New Password: <input type="password" name="new_password" required></label> -->
+					<input type="password" name="new_password" placeholder="New Password" required /><br>
+                    <button class="btn btn-primary btn-block btn-large" type="submit">Update Password</button>
+                </form>
+            </td>
+        </tr>
+        <?php endforeach; ?>
+    </table>
+ </div>
+</body>
+</html>