diff --git a/admin/order_detail.php b/admin/order_detail.php
new file mode 100644
index 0000000..63fe1db
--- /dev/null
+++ b/admin/order_detail.php
@@ -0,0 +1,94 @@
+<?php
+require_once __DIR__ . '/../db/config.php';
+require_once __DIR__ . '/partials/header.php';
+
+if (!isset($_GET['id']) || empty($_GET['id'])) {
+    header('Location: orders.php');
+    exit;
+}
+
+$order_id = $_GET['id'];
+$pdo = db();
+
+// Fetch order details
+$stmt = $pdo->prepare('SELECT * FROM orders WHERE id = ?');
+$stmt->execute([$order_id]);
+$order = $stmt->fetch(PDO::FETCH_ASSOC);
+
+if (!$order) {
+    die('Order not found.');
+}
+
+// Fetch order items
+$stmt = $pdo->prepare('SELECT oi.quantity, oi.price, p.name FROM order_items oi JOIN products p ON oi.product_id = p.id WHERE oi.order_id = ?');
+$stmt->execute([$order_id]);
+$items = $stmt->fetchAll(PDO::FETCH_ASSOC);
+?>
+
+<div class="container-fluid">
+    <div class="row">
+        <?php require_once __DIR__ . '/partials/sidebar.php'; ?>
+
+        <main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
+            <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
+                <h1 class="h2">Detail Pesanan #<?php echo htmlspecialchars($order['id']); ?></h1>
+                <a href="orders.php" class="btn btn-secondary">Kembali ke Daftar Pesanan</a>
+            </div>
+
+            <div class="row">
+                <div class="col-md-6">
+                    <h4>Informasi Pelanggan</h4>
+                    <p><strong>Nama:</strong> <?php echo htmlspecialchars($order['customer_name']); ?></p>
+                    <p><strong>Email:</strong> <?php echo htmlspecialchars($order['customer_email']); ?></p>
+                </div>
+                <div class="col-md-6">
+                    <h4>Informasi Pesanan</h4>
+                    <p><strong>Total:</strong> Rp <?php echo number_format($order['total_amount'], 2, ',', '.'); ?></p>
+                    <p><strong>Status:</strong> <span class="badge bg-info"><?php echo htmlspecialchars($order['status']); ?></span></p>
+                    <p><strong>Tanggal:</strong> <?php echo date('d M Y, H:i', strtotime($order['created_at'])); ?></p>
+
+                    <form action="order_update_status.php" method="POST" class="mt-3">
+                        <input type="hidden" name="order_id" value="<?php echo $order['id']; ?>">
+                        <div class="input-group">
+                            <select name="status" class="form-select">
+                                <option value="Pending" <?php echo ($order['status'] == 'Pending') ? 'selected' : ''; ?>>Pending</option>
+                                <option value="Processing" <?php echo ($order['status'] == 'Processing') ? 'selected' : ''; ?>>Processing</option>
+                                <option value="Shipped" <?php echo ($order['status'] == 'Shipped') ? 'selected' : ''; ?>>Shipped</option>
+                                <option value="Completed" <?php echo ($order['status'] == 'Completed') ? 'selected' : ''; ?>>Completed</option>
+                                <option value="Cancelled" <?php echo ($order['status'] == 'Cancelled') ? 'selected' : ''; ?>>Cancelled</option>
+                            </select>
+                            <button type="submit" class="btn btn-success">Update Status</button>
+                        </div>
+                    </form>
+                </div>
+            </div>
+
+            <h4 class="mt-4">Item Pesanan</h4>
+            <div class="table-responsive">
+                <table class="table table-striped">
+                    <thead>
+                        <tr>
+                            <th>Produk</th>
+                            <th>Jumlah</th>
+                            <th>Harga</th>
+                            <th>Subtotal</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <?php foreach ($items as $item): ?>
+                            <tr>
+                                <td><?php echo htmlspecialchars($item['name']); ?></td>
+                                <td><?php echo htmlspecialchars($item['quantity']); ?></td>
+                                <td>Rp <?php echo number_format($item['price'], 2, ',', '.'); ?></td>
+                                <td>Rp <?php echo number_format($item['price'] * $item['quantity'], 2, ',', '.'); ?></td>
+                            </tr>
+                        <?php endforeach; ?>
+                    </tbody>
+                </table>
+            </div>
+
+        </main>
+    </div>
+</div>
+
+<?php require_once __DIR__ . '/partials/footer.php'; ?>
diff --git a/admin/order_update_status.php b/admin/order_update_status.php
new file mode 100644
index 0000000..b5b8440
--- /dev/null
+++ b/admin/order_update_status.php
@@ -0,0 +1,31 @@
+<?php
+require_once __DIR__ . '/../db/config.php';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $order_id = $_POST['order_id'];
+    $status = $_POST['status'];
+
+    if (empty($order_id) || empty($status)) {
+        header('Location: orders.php'); // Redirect if data is missing
+        exit;
+    }
+
+    try {
+        $pdo = db();
+        $stmt = $pdo->prepare('UPDATE orders SET status = ? WHERE id = ?');
+        $stmt->execute([$status, $order_id]);
+
+        // Redirect back to the order detail page with a success message
+        header('Location: order_detail.php?id=' . $order_id . '&status=updated');
+        exit;
+    } catch (PDOException $e) {
+        // On error, redirect with an error message
+        header('Location: order_detail.php?id=' . $order_id . '&status=error');
+        exit;
+    }
+}
+
+// If not a POST request, just redirect to the main orders page
+header('Location: orders.php');
+exit;
+?>
\ No newline at end of file
diff --git a/admin/orders.php b/admin/orders.php
new file mode 100644
index 0000000..e91c533
--- /dev/null
+++ b/admin/orders.php
@@ -0,0 +1,61 @@
+<?php
+require_once __DIR__ . '/../db/config.php';
+require_once __DIR__ . '/partials/header.php';
+
+try {
+    $pdo = db();
+    $stmt = $pdo->query('SELECT id, customer_name, total_amount, status, created_at FROM orders ORDER BY created_at DESC');
+    $orders = $stmt->fetchAll(PDO::FETCH_ASSOC);
+} catch (PDOException $e) {
+    die("Could not connect to the database: " . $e->getMessage());
+}
+?>
+
+<div class="container-fluid">
+    <div class="row">
+        <?php require_once __DIR__ . '/partials/sidebar.php'; ?>
+
+        <main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
+            <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
+                <h1 class="h2">Manajemen Pesanan</h1>
+            </div>
+
+            <div class="table-responsive">
+                <table class="table table-striped table-sm">
+                    <thead>
+                        <tr>
+                            <th>ID Pesanan</th>
+                            <th>Nama Pelanggan</th>
+                            <th>Total</th>
+                            <th>Status</th>
+                            <th>Tanggal</th>
+                            <th>Aksi</th>
+                        </tr>
+                    </thead>
+                    <tbody>
+                        <?php if (empty($orders)): ?>
+                            <tr>
+                                <td colspan="6" class="text-center">Belum ada pesanan.</td>
+                            </tr>
+                        <?php else: ?>
+                            <?php foreach ($orders as $order): ?>
+                                <tr>
+                                    <td>#<?php echo htmlspecialchars($order['id']); ?></td>
+                                    <td><?php echo htmlspecialchars($order['customer_name']); ?></td>
+                                    <td>Rp <?php echo number_format($order['total_amount'], 2, ',', '.'); ?></td>
+                                    <td><span class="badge bg-info"><?php echo htmlspecialchars($order['status']); ?></span></td>
+                                    <td><?php echo date('d M Y, H:i', strtotime($order['created_at'])); ?></td>
+                                    <td>
+                                        <a href="order_detail.php?id=<?php echo $order['id']; ?>" class="btn btn-sm btn-primary">Detail</a>
+                                    </td>
+                                </tr>
+                            <?php endforeach; ?>
+                        <?php endif; ?>
+                    </tbody>
+                </table>
+            </div>
+        </main>
+    </div>
+</div>
+
+<?php require_once __DIR__ . '/partials/footer.php'; ?>
\ No newline at end of file
diff --git a/admin/partials/sidebar.php b/admin/partials/sidebar.php
index 490d4f5..d9e44ee 100644
--- a/admin/partials/sidebar.php
+++ b/admin/partials/sidebar.php
@@ -10,16 +10,16 @@ $current_page = basename($_SERVER['REQUEST_URI']);
         <a href="/admin/" class="list-group-item list-group-item-action <?php echo ($current_page == 'admin' || $current_page == 'index.php') ? 'active' : ''; ?>">
             <i class="bi bi-speedometer2 me-2"></i>Dashboard
         </a>
-        <a href="#" class="list-group-item list-group-item-action <?php echo ($current_page == 'users.php') ? 'active' : ''; ?>">
+        <a href="users.php" class="list-group-item list-group-item-action <?php echo ($current_page == 'users.php') ? 'active' : ''; ?>">
             <i class="bi bi-people me-2"></i>Manajemen User
         </a>
         <a href="products.php" class="list-group-item list-group-item-action <?php echo ($current_page == 'products.php') ? 'active' : ''; ?>">
             <i class="bi bi-box-seam me-2"></i>Manajemen Produk
         </a>
-        <a href="#" class="list-group-item list-group-item-action <?php echo ($current_page == 'orders.php') ? 'active' : ''; ?>">
+        <a href="orders.php" class="list-group-item list-group-item-action <?php echo ($current_page == 'orders.php') ? 'active' : ''; ?>">
             <i class="bi bi-receipt me-2"></i>Manajemen Order
         </a>
-        <a href="#" class="list-group-item list-group-item-action <?php echo ($current_page == 'settings.php') ? 'active' : ''; ?>">
+        <a href="settings.php" class="list-group-item list-group-item-action <?php echo ($current_page == 'settings.php') ? 'active' : ''; ?>">
             <i class="bi bi-gear me-2"></i>Pengaturan
         </a>
         <a href="/" class="list-group-item list-group-item-action bg-light">
diff --git a/admin/settings.php b/admin/settings.php
new file mode 100644
index 0000000..1a304e9
--- /dev/null
+++ b/admin/settings.php
@@ -0,0 +1,73 @@
+<?php
+require_once __DIR__ . '/../db/config.php';
+
+$pdo = db();
+
+// Handle form submission
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $site_name = $_POST['site_name'] ?? '';
+    $contact_email = $_POST['contact_email'] ?? '';
+
+    try {
+        $stmt = $pdo->prepare("UPDATE settings SET setting_value = :value WHERE setting_name = :name");
+        $stmt->execute(['value' => $site_name, 'name' => 'site_name']);
+        $stmt->execute(['value' => $contact_email, 'name' => 'contact_email']);
+        $success_message = "Settings updated successfully!";
+    } catch (PDOException $e) {
+        $error_message = "Error updating settings: " . $e->getMessage();
+    }
+}
+
+// Fetch current settings
+$stmt = $pdo->query("SELECT * FROM settings");
+$settings = $stmt->fetchAll(PDO::FETCH_KEY_PAIR);
+
+$site_name = $settings['site_name'] ?? '';
+$contact_email = $settings['contact_email'] ?? '';
+
+$page_title = "Settings";
+include 'partials/header.php';
+?>
+
+<div class="container-fluid">
+    <div class="row">
+        <?php include 'partials/sidebar.php'; ?>
+
+        <main class="col-md-9 ms-sm-auto col-lg-10 px-md-4">
+            <div class="d-flex justify-content-between flex-wrap flex-md-nowrap align-items-center pt-3 pb-2 mb-3 border-bottom">
+                <h1 class="h2">Settings</h1>
+            </div>
+
+            <?php if (isset($success_message)): ?>
+                <div class="alert alert-success" role="alert">
+                    <?php echo $success_message; ?>
+                </div>
+            <?php endif; ?>
+            <?php if (isset($error_message)): ?>
+                <div class="alert alert-danger" role="alert">
+                    <?php echo $error_message; ?>
+                </div>
+            <?php endif; ?>
+
+            <div class="card">
+                <div class="card-body">
+                    <h5 class="card-title">General Settings</h5>
+                    <form action="settings.php" method="POST">
+                        <div class="mb-3">
+                            <label for="site_name" class="form-label">Site Name</label>
+                            <input type="text" class="form-control" id="site_name" name="site_name" value="<?php echo htmlspecialchars($site_name); ?>" required>
+                        </div>
+                        <div class="mb-3">
+                            <label for="contact_email" class="form-label">Contact Email</label>
+                            <input type="email" class="form-control" id="contact_email" name="contact_email" value="<?php echo htmlspecialchars($contact_email); ?>" required>
+                        </div>
+                        <button type="submit" class="btn btn-primary">Save Settings</button>
+                    </form>
+                </div>
+            </div>
+
+        </main>
+    </div>
+</div>
+
+<?php include 'partials/footer.php'; ?>
diff --git a/admin/user_add.php b/admin/user_add.php
new file mode 100644
index 0000000..bea7463
--- /dev/null
+++ b/admin/user_add.php
@@ -0,0 +1,54 @@
+<?php
+// This page contains the form to add a new user.
+
+// Include header
+include 'partials/header.php';
+?>
+
+<div id="page-content-wrapper">
+    <nav class="navbar navbar-expand-lg navbar-light bg-transparent py-4 px-4">
+        <div class="d-flex align-items-center">
+            <i class="bi bi-list fs-4 me-3" id="menu-toggle"></i>
+            <h2 class="fs-2 m-0">Tambah Pengguna Baru</h2>
+        </div>
+    </nav>
+
+    <div class="container-fluid px-4">
+        <div class="row my-5">
+            <div class="col">
+                <div class="card shadow-sm">
+                    <div class="card-body">
+                        <form action="user_create.php" method="POST">
+                            <div class="mb-3">
+                                <label for="name" class="form-label">Nama Lengkap</label>
+                                <input type="text" class="form-control" id="name" name="name" required>
+                            </div>
+                            <div class="mb-3">
+                                <label for="email" class="form-label">Alamat Email</label>
+                                <input type="email" class="form-control" id="email" name="email" required>
+                            </div>
+                            <div class="mb-3">
+                                <label for="password" class="form-label">Password</label>
+                                <input type="password" class="form-control" id="password" name="password" required>
+                            </div>
+                            <div class="mb-3">
+                                <label for="role" class="form-label">Peran</label>
+                                <select class="form-select" id="role" name="role">
+                                    <option value="user" selected>User</option>
+                                    <option value="admin">Admin</option>
+                                </select>
+                            </div>
+                            <button type="submit" class="btn btn-primary">Simpan Pengguna</button>
+                            <a href="users.php" class="btn btn-secondary">Batal</a>
+                        </form>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<?php
+// Include footer
+include 'partials/footer.php';
+?>
diff --git a/admin/user_create.php b/admin/user_create.php
new file mode 100644
index 0000000..1fbd71b
--- /dev/null
+++ b/admin/user_create.php
@@ -0,0 +1,53 @@
+<?php
+require_once '../db/config.php';
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    // Get form data
+    $name = trim($_POST['name']);
+    $email = trim($_POST['email']);
+    $password = $_POST['password']; // No trim on password
+    $role = $_POST['role'];
+
+    // Validate data
+    if (empty($name) || empty($email) || empty($password) || empty($role)) {
+        header("Location: users.php?status=danger&message=" . urlencode('Semua kolom harus diisi.'));
+        exit;
+    }
+
+    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+        header("Location: users.php?status=danger&message=" . urlencode('Format email tidak valid.'));
+        exit;
+    }
+
+    // Hash the password for security
+    $hashed_password = password_hash($password, PASSWORD_DEFAULT);
+
+    // Insert into database
+    try {
+        $pdo = db();
+        $stmt = $pdo->prepare("INSERT INTO users (name, email, password, role) VALUES (:name, :email, :password, :role)");
+        $stmt->execute([
+            ':name' => $name,
+            ':email' => $email,
+            ':password' => $hashed_password,
+            ':role' => $role
+        ]);
+
+        header("Location: users.php?status=success&message=" . urlencode('Pengguna baru berhasil ditambahkan.'));
+        exit;
+
+    } catch (PDOException $e) {
+        $message = 'Gagal menambahkan pengguna.';
+        // Check for duplicate email
+        if ($e->errorInfo[1] == 1062) { // 1062 is the MySQL error code for duplicate entry
+            $message = 'Email sudah terdaftar. Silakan gunakan email lain.';
+        }
+        header("Location: users.php?status=danger&message=" . urlencode($message));
+        exit;
+    }
+
+} else {
+    // Redirect if not a POST request
+    header('Location: user_add.php');
+    exit;
+}
diff --git a/admin/user_delete.php b/admin/user_delete.php
new file mode 100644
index 0000000..4e9b5ea
--- /dev/null
+++ b/admin/user_delete.php
@@ -0,0 +1,34 @@
+<?php
+require_once '../db/config.php';
+
+// Check for user ID
+if (!isset($_GET['id'])) {
+    header("Location: users.php?status=danger&message=" . urlencode('ID pengguna tidak ditemukan.'));
+    exit;
+}
+
+$user_id = $_GET['id'];
+
+// Prevent deleting user with ID 1 (super admin, for example)
+if ($user_id == 1) {
+    header("Location: users.php?status=danger&message=" . urlencode('Pengguna utama tidak dapat dihapus.'));
+    exit;
+}
+
+// Delete from database
+try {
+    $pdo = db();
+    $stmt = $pdo->prepare("DELETE FROM users WHERE id = :id");
+    $stmt->execute(['id' => $user_id]);
+
+    if ($stmt->rowCount() > 0) {
+        header("Location: users.php?status=success&message=" . urlencode('Pengguna berhasil dihapus.'));
+    } else {
+        header("Location: users.php?status=danger&message=" . urlencode('Pengguna tidak ditemukan atau sudah dihapus.'));
+    }
+    exit;
+
+} catch (PDOException $e) {
+    header("Location: users.php?status=danger&message=" . urlencode('Gagal menghapus pengguna.'));
+    exit;
+}
diff --git a/admin/user_edit.php b/admin/user_edit.php
new file mode 100644
index 0000000..b4341af
--- /dev/null
+++ b/admin/user_edit.php
@@ -0,0 +1,80 @@
+<?php
+require_once '../db/config.php';
+
+// Check for user ID
+if (!isset($_GET['id'])) {
+    header("Location: users.php?status=danger&message=" . urlencode('ID pengguna tidak ditemukan.'));
+    exit;
+}
+
+$user_id = $_GET['id'];
+
+// Fetch user data
+try {
+    $pdo = db();
+    $stmt = $pdo->prepare("SELECT * FROM users WHERE id = :id");
+    $stmt->execute(['id' => $user_id]);
+    $user = $stmt->fetch();
+
+    if (!$user) {
+        header("Location: users.php?status=danger&message=" . urlencode('Pengguna tidak ditemukan.'));
+        exit;
+    }
+} catch (PDOException $e) {
+    header("Location: users.php?status=danger&message=" . urlencode('Gagal mengambil data pengguna.'));
+    exit;
+}
+
+// Include header
+include 'partials/header.php';
+?>
+
+<div id="page-content-wrapper">
+    <nav class="navbar navbar-expand-lg navbar-light bg-transparent py-4 px-4">
+        <div class="d-flex align-items-center">
+            <i class="bi bi-list fs-4 me-3" id="menu-toggle"></i>
+            <h2 class="fs-2 m-0">Edit Pengguna</h2>
+        </div>
+    </nav>
+
+    <div class="container-fluid px-4">
+        <div class="row my-5">
+            <div class="col">
+                <div class="card shadow-sm">
+                    <div class="card-body">
+                        <form action="user_update.php" method="POST">
+                            <input type="hidden" name="id" value="<?php echo $user['id']; ?>">
+                            <div class="mb-3">
+                                <label for="name" class="form-label">Nama Lengkap</label>
+                                <input type="text" class="form-control" id="name" name="name" value="<?php echo htmlspecialchars($user['name']); ?>" required>
+                            </div>
+                            <div class="mb-3">
+                                <label for="email" class="form-label">Alamat Email</label>
+                                <input type="email" class="form-control" id="email" name="email" value="<?php echo htmlspecialchars($user['email']); ?>" required>
+                            </div>
+                            <div class="mb-3">
+                                <label for="password" class="form-label">Password (opsional)</label>
+                                <input type="password" class="form-control" id="password" name="password">
+                                <small class="form-text text-muted">Kosongkan jika tidak ingin mengubah password.</small>
+                            </div>
+                            <div class="mb-3">
+                                <label for="role" class="form-label">Peran</label>
+                                <select class="form-select" id="role" name="role">
+                                    <option value="user" <?php echo ($user['role'] == 'user') ? 'selected' : ''; ?>>User</option>
+                                    <option value="admin" <?php echo ($user['role'] == 'admin') ? 'selected' : ''; ?>>Admin</option>
+                                </select>
+                            </div>
+                            <button type="submit" class="btn btn-primary">Simpan Perubahan</button>
+                            <a href="users.php" class="btn btn-secondary">Batal</a>
+                        </form>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<?php
+// Include footer
+include 'partials/footer.php';
+?>
diff --git a/admin/user_update.php b/admin/user_update.php
new file mode 100644
index 0000000..3ca9300
--- /dev/null
+++ b/admin/user_update.php
@@ -0,0 +1,62 @@
+<?php
+require_once '../db/config.php';
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    // Get form data
+    $id = $_POST['id'];
+    $name = trim($_POST['name']);
+    $email = trim($_POST['email']);
+    $password = $_POST['password']; // No trim on password
+    $role = $_POST['role'];
+
+    // Validate data
+    if (empty($id) || empty($name) || empty($email) || empty($role)) {
+        header("Location: users.php?status=danger&message=" . urlencode('Semua kolom harus diisi.'));
+        exit;
+    }
+
+    if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
+        header("Location: users.php?status=danger&message=" . urlencode('Format email tidak valid.'));
+        exit;
+    }
+
+    // Prepare SQL statement
+    $sql = "UPDATE users SET name = :name, email = :email, role = :role";
+    $params = [
+        ':id' => $id,
+        ':name' => $name,
+        ':email' => $email,
+        ':role' => $role
+    ];
+
+    // Handle password update
+    if (!empty($password)) {
+        $hashed_password = password_hash($password, PASSWORD_DEFAULT);
+        $sql .= ", password = :password";
+        $params[':password'] = $hashed_password;
+    }
+
+    $sql .= " WHERE id = :id";
+
+    // Update database
+    try {
+        $pdo = db();
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute($params);
+
+        header("Location: users.php?status=success&message=" . urlencode('Data pengguna berhasil diperbarui.'));
+        exit;
+
+    } catch (PDOException $e) {
+        $message = 'Gagal memperbarui data pengguna.';
+        if ($e->errorInfo[1] == 1062) {
+            $message = 'Email sudah terdaftar. Silakan gunakan email lain.';
+        }
+        header("Location: users.php?status=danger&message=" . urlencode($message));
+        exit;
+    }
+
+} else {
+    header('Location: users.php');
+    exit;
+}
diff --git a/admin/users.php b/admin/users.php
new file mode 100644
index 0000000..b95581b
--- /dev/null
+++ b/admin/users.php
@@ -0,0 +1,85 @@
+<?php
+require_once '../db/config.php';
+
+// Fetch all users from the database
+try {
+    $pdo = db();
+    $stmt = $pdo->query("SELECT * FROM users ORDER BY created_at DESC");
+    $users = $stmt->fetchAll();
+} catch (PDOException $e) {
+    $users = [];
+    $db_error = "Error fetching users: " . $e->getMessage();
+}
+
+// Include header
+include 'partials/header.php';
+?>
+
+<div id="page-content-wrapper">
+    <nav class="navbar navbar-expand-lg navbar-light bg-transparent py-4 px-4">
+        <div class="d-flex align-items-center">
+            <i class="bi bi-list fs-4 me-3" id="menu-toggle"></i>
+            <h2 class="fs-2 m-0">Manajemen Pengguna</h2>
+        </div>
+    </nav>
+
+    <div class="container-fluid px-4">
+
+        <?php if (isset($_GET['status'])) : ?>
+            <div class="alert alert-<?php echo $_GET['status'] == 'success' ? 'success' : 'danger'; ?> alert-dismissible fade show" role="alert">
+                <?php echo htmlspecialchars($_GET['message']); ?>
+                <button type="button" class="btn-close" data-bs-dismiss="alert" aria-label="Close"></button>
+            </div>
+        <?php endif; ?>
+
+        <?php if (isset($db_error)) : ?>
+            <div class="alert alert-danger"> <?php echo $db_error; ?></div>
+        <?php endif; ?>
+
+        <div class="row my-5">
+            <div class="col">
+                <a href="user_add.php" class="btn btn-primary mb-3"><i class="bi bi-plus-lg"></i> Tambah Pengguna</a>
+                <div class="card shadow-sm">
+                    <div class="card-body">
+                        <h3 class="fs-4 mb-3">Daftar Pengguna</h3>
+                        <div class="table-responsive">
+                            <table class="table table-hover">
+                                <thead>
+                                    <tr>
+                                        <th scope="col">#</th>
+                                        <th scope="col">Nama</th>
+                                        <th scope="col">Email</th>
+                                        <th scope="col">Peran</th>
+                                        <th scope="col">Aksi</th>
+                                    </tr>
+                                </thead>
+                                <tbody>
+                                    <?php if (empty($users)) : ?>
+                                        <tr>
+                                            <td colspan="5" class="text-center">Belum ada pengguna.</td>
+                                        </tr>
+                                    <?php else : ?>
+                                        <?php foreach ($users as $key => $user) : ?>
+                                            <tr>
+                                                <th scope="row"><?php echo $key + 1; ?></th>
+                                                <td><?php echo htmlspecialchars($user['name']); ?></td>
+                                                <td><?php echo htmlspecialchars($user['email']); ?></td>
+                                                <td><?php echo htmlspecialchars($user['role']); ?></td>
+                                                <td>
+                                                    <a href="user_edit.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-primary">Edit</a>
+                                                    <a href="user_delete.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-danger" onclick="return confirm('Anda yakin ingin menghapus pengguna ini?');">Hapus</a>
+                                                </td>
+                                            </tr>
+                                        <?php endforeach; ?>
+                                    <?php endif; ?>
+                                </tbody>
+                            </table>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+
+<?php include 'partials/footer.php'; ?>
diff --git a/db/migration_orders.php b/db/migration_orders.php
new file mode 100644
index 0000000..2d5a228
--- /dev/null
+++ b/db/migration_orders.php
@@ -0,0 +1,36 @@
+<?php
+require_once __DIR__ . '/config.php';
+
+try {
+    $pdo = db();
+
+    // Create orders table
+    $pdo->exec("
+        CREATE TABLE IF NOT EXISTS `orders` (
+            `id` INT AUTO_INCREMENT PRIMARY KEY,
+            `customer_name` VARCHAR(255) NOT NULL,
+            `customer_email` VARCHAR(255) NOT NULL,
+            `total_amount` DECIMAL(10, 2) NOT NULL,
+            `status` VARCHAR(50) NOT NULL DEFAULT 'Pending',
+            `created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+        )
+    ");
+
+    // Create order_items table
+    $pdo->exec("
+        CREATE TABLE IF NOT EXISTS `order_items` (
+            `id` INT AUTO_INCREMENT PRIMARY KEY,
+            `order_id` INT NOT NULL,
+            `product_id` INT NOT NULL,
+            `quantity` INT NOT NULL,
+            `price` DECIMAL(10, 2) NOT NULL,
+            FOREIGN KEY (`order_id`) REFERENCES `orders`(`id`) ON DELETE CASCADE,
+            FOREIGN KEY (`product_id`) REFERENCES `products`(`id`) ON DELETE RESTRICT
+        )
+    ");
+
+    echo "Tables 'orders' and 'order_items' created successfully." . PHP_EOL;
+
+} catch (PDOException $e) {
+    die("DB ERROR: " . $e->getMessage());
+}
diff --git a/db/migration_settings.php b/db/migration_settings.php
new file mode 100644
index 0000000..312dfc1
--- /dev/null
+++ b/db/migration_settings.php
@@ -0,0 +1,30 @@
+<?php
+require_once 'config.php';
+
+try {
+    $pdo = db();
+    $sql = "
+    CREATE TABLE IF NOT EXISTS settings (
+        id INT AUTO_INCREMENT PRIMARY KEY,
+        setting_name VARCHAR(255) NOT NULL UNIQUE,
+        setting_value TEXT
+    );
+    ";
+    $pdo->exec($sql);
+
+    // Insert default settings if they don't exist
+    $defaults = [
+        'site_name' => 'My Awesome Site',
+        'contact_email' => 'contact@example.com'
+    ];
+
+    $stmt = $pdo->prepare("INSERT INTO settings (setting_name, setting_value) VALUES (:name, :value) ON DUPLICATE KEY UPDATE setting_name=setting_name");
+
+    foreach ($defaults as $name => $value) {
+        $stmt->execute(['name' => $name, 'value' => $value]);
+    }
+
+    echo "Table 'settings' created and default values inserted successfully." . PHP_EOL;
+} catch (PDOException $e) {
+    die("DB ERROR: " . $e->getMessage());
+}
diff --git a/db/migration_users.php b/db/migration_users.php
new file mode 100644
index 0000000..2c06ac6
--- /dev/null
+++ b/db/migration_users.php
@@ -0,0 +1,18 @@
+<?php
+require_once 'config.php';
+
+try {
+    $pdo = db();
+    $sql = "CREATE TABLE IF NOT EXISTS users (
+        id INT(11) AUTO_INCREMENT PRIMARY KEY,
+        name VARCHAR(255) NOT NULL,
+        email VARCHAR(255) NOT NULL UNIQUE,
+        password VARCHAR(255) NOT NULL,
+        role ENUM('admin', 'user') DEFAULT 'user',
+        created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+    ) ENGINE=INNODB;";
+    $pdo->exec($sql);
+    echo "Table 'users' created successfully." . PHP_EOL;
+} catch (PDOException $e) {
+    die("DB ERROR: " . $e->getMessage());
+}
