diff --git a/api.php b/api.php
new file mode 100644
index 0000000..bb03fd0
--- /dev/null
+++ b/api.php
@@ -0,0 +1,24 @@
+<?php
+require_once 'db/config.php';
+
+header('Content-Type: application/json');
+
+$action = $_GET['action'] ?? '';
+
+if ($action == 'get_departments') {
+    $division_id = $_GET['division_id'] ?? 0;
+    $stmt = db()->prepare("SELECT id, name FROM departments WHERE division_id = ? ORDER BY name");
+    $stmt->execute([$division_id]);
+    $departments = $stmt->fetchAll();
+    echo json_encode($departments);
+    exit;
+}
+
+if ($action == 'get_roles') {
+    $department_id = $_GET['department_id'] ?? 0;
+    $stmt = db()->prepare("SELECT id, name FROM roles WHERE department_id = ? ORDER BY name");
+    $stmt->execute([$department_id]);
+    $roles = $stmt->fetchAll();
+    echo json_encode($roles);
+    exit;
+}
\ No newline at end of file
diff --git a/approve_request.php b/approve_request.php
new file mode 100644
index 0000000..3270291
--- /dev/null
+++ b/approve_request.php
@@ -0,0 +1,92 @@
+<?php
+session_start();
+require_once 'db/config.php';
+
+if (!isset($_SESSION['user_id'])) {
+    header('Location: login.php');
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] !== 'POST' || !isset($_POST['request_id']) || !isset($_POST['action'])) {
+    header('Location: request_dashboard.php?error=invalid_request');
+    exit;
+}
+
+$request_id = $_POST['request_id'];
+$action = $_POST['action'];
+
+try {
+    $pdo = db();
+    
+    // Get the request details
+    $stmt = $pdo->prepare('SELECT * FROM ChangeRequests WHERE id = ?');
+    $stmt->execute([$request_id]);
+    $request = $stmt->fetch();
+
+    if (!$request) {
+        header('Location: request_dashboard.php?error=not_found');
+        exit;
+    }
+
+    // Authorization check
+    $is_authorized = false;
+    if (isset($_SESSION['role'])) {
+        $user_role = $_SESSION['role'];
+        $user_department = $_SESSION['department'] ?? null;
+        $request_status = $request['status'];
+        $pending_level = $request['approval_level_pending'];
+        $request_department = $request['department_name'];
+
+        if ($request_status === 'Pending Approval' && $user_role === $pending_level) {
+            if ($user_role === 'Admin' || $user_department === $request_department) {
+                $is_authorized = true;
+            }
+        }
+    }
+
+    if (!$is_authorized) {
+        header('Location: request_dashboard.php?error=unauthorized');
+        exit;
+    }
+
+    $next_approval_level = '';
+    $new_status = '';
+    $rejection_reason = null;
+
+    if ($action === 'approve') {
+        $current_level = $request['approval_level_pending'];
+        $approval_flow = ['Dept Manager/GM', 'System Div Admin', 'Planning Dept', 'System GM'];
+        $current_index = array_search($current_level, $approval_flow);
+
+        if ($current_index !== false && $current_index < count($approval_flow) - 1) {
+            $next_approval_level = $approval_flow[$current_index + 1];
+            $new_status = 'Pending Approval';
+        } else {
+            $next_approval_level = 'None';
+            $new_status = 'Approved';
+        }
+        $sql = 'UPDATE ChangeRequests SET status = ?, approval_level_pending = ? WHERE id = ?';
+        $params = [$new_status, $next_approval_level, $request_id];
+
+    } elseif ($action === 'reject') {
+        $next_approval_level = $request['approval_level_pending'];
+        $new_status = 'Rejected';
+        $rejection_reason = $_POST['rejection_reason'] ?? '';
+
+        $sql = 'UPDATE ChangeRequests SET status = ?, approval_level_pending = ?, rejection_reason = ? WHERE id = ?';
+        $params = [$new_status, $next_approval_level, $rejection_reason, $request_id];
+    }
+
+
+    if (isset($sql)) {
+        $stmt = $pdo->prepare($sql);
+        $stmt->execute($params);
+    }
+
+    header('Location: request_dashboard.php?success=updated');
+    exit;
+
+} catch (PDOException $e) {
+    header('Location: request_dashboard.php?error=db_error');
+    exit;
+}
diff --git a/assets/js/edit_user.js b/assets/js/edit_user.js
new file mode 100644
index 0000000..79d8ed1
--- /dev/null
+++ b/assets/js/edit_user.js
@@ -0,0 +1,71 @@
+document.addEventListener('DOMContentLoaded', function () {
+    const divisionSelect = document.getElementById('division_id');
+    const departmentSelect = document.getElementById('department_id');
+    const roleSelect = document.getElementById('role_id');
+
+    const initialDepartmentId = departmentSelect.dataset.initial;
+    const initialRoleId = roleSelect.dataset.initial;
+
+    function fetchDepartments(divisionId, callback) {
+        fetch(`api.php?action=get_departments&division_id=${divisionId}`)
+            .then(response => response.json())
+            .then(data => {
+                departmentSelect.innerHTML = '<option value="">Select Department</option>';
+                data.forEach(department => {
+                    const option = document.createElement('option');
+                    option.value = department.id;
+                    option.textContent = department.name;
+                    if (department.id == initialDepartmentId) {
+                        option.selected = true;
+                    }
+                    departmentSelect.appendChild(option);
+                });
+                if (callback) callback();
+            });
+    }
+
+    function fetchRoles(departmentId, callback) {
+        fetch(`api.php?action=get_roles&department_id=${departmentId}`)
+            .then(response => response.json())
+            .then(data => {
+                roleSelect.innerHTML = '<option value="">Select Role</option>';
+                data.forEach(role => {
+                    const option = document.createElement('option');
+                    option.value = role.id;
+                    option.textContent = role.name;
+                    if (role.id == initialRoleId) {
+                        option.selected = true;
+                    }
+                    roleSelect.appendChild(option);
+                });
+                if (callback) callback();
+            });
+    }
+
+    divisionSelect.addEventListener('change', function () {
+        const divisionId = this.value;
+        departmentSelect.dataset.initial = ''; // Clear initial value on change
+        roleSelect.dataset.initial = ''; // Clear initial value on change
+        fetchDepartments(divisionId, () => {
+            // After loading departments, if there's a selected one, load its roles
+            if (departmentSelect.value) {
+                fetchRoles(departmentSelect.value);
+            }
+        });
+    });
+
+    departmentSelect.addEventListener('change', function () {
+        const departmentId = this.value;
+        roleSelect.dataset.initial = ''; // Clear initial value on change
+        fetchRoles(departmentId);
+    });
+
+    // Initial load
+    if (divisionSelect.value) {
+        fetchDepartments(divisionSelect.value, () => {
+            if (initialDepartmentId) {
+                fetchRoles(initialDepartmentId);
+            }
+        });
+    }
+});
diff --git a/assets/pasted-20260116-065324-ee98bca3.png b/assets/pasted-20260116-065324-ee98bca3.png
new file mode 100644
index 0000000..a9e4a3d
Binary files /dev/null and b/assets/pasted-20260116-065324-ee98bca3.png differ
diff --git a/assets/pasted-20260116-080540-0df3cd75.png b/assets/pasted-20260116-080540-0df3cd75.png
new file mode 100644
index 0000000..aff343f
Binary files /dev/null and b/assets/pasted-20260116-080540-0df3cd75.png differ
diff --git a/assets/pasted-20260116-082242-faefdc14.png b/assets/pasted-20260116-082242-faefdc14.png
new file mode 100644
index 0000000..a9d7a1f
Binary files /dev/null and b/assets/pasted-20260116-082242-faefdc14.png differ
diff --git a/create_department.php b/create_department.php
new file mode 100644
index 0000000..8ba6af1
--- /dev/null
+++ b/create_department.php
@@ -0,0 +1,15 @@
+<?php
+require_once 'db/config.php';
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    $name = $_POST['department_name'];
+    $division_id = $_POST['division_id'];
+    try {
+        $stmt = db()->prepare("INSERT INTO departments (name, division_id) VALUES (?, ?)");
+        $stmt->execute([$name, $division_id]);
+        header('Location: user_management.php');
+    } catch (PDOException $e) {
+        echo "Error: " . $e->getMessage();
+    }
+}
+?>
\ No newline at end of file
diff --git a/create_division.php b/create_division.php
new file mode 100644
index 0000000..d21e46e
--- /dev/null
+++ b/create_division.php
@@ -0,0 +1,30 @@
+<?php
+require_once 'db/config.php';
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    $name = $_POST['name'];
+    try {
+        $stmt = db()->prepare("INSERT INTO divisions (name) VALUES (?)");
+        $stmt->execute([$name]);
+        header('Location: user_management.php');
+    } catch (PDOException $e) {
+        echo "Error: " . $e->getMessage();
+    }
+}
+?>
+
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Create Division</title>
+</head>
+<body>
+    <h2>Create Division</h2>
+    <form method="post">
+        <label>Division Name:</label>
+        <input type="text" name="name" required>
+        <button type="submit">Create</button>
+    </form>
+    <a href="user_management.php">Back to User Management</a>
+</body>
+</html>
\ No newline at end of file
diff --git a/create_request.php b/create_request.php
new file mode 100644
index 0000000..43dd328
--- /dev/null
+++ b/create_request.php
@@ -0,0 +1,184 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])) {
+    header('Location: login.php');
+    exit;
+}
+require_once 'db/config.php';
+
+$success_message = '';
+$error_message = '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    try {
+        $pdo = db();
+
+        // Basic validation
+        $required_fields = ['company', 'hq_name', 'department_name', 'requester_name', 'issued_date', 'request_title', 'background_purpose', 'implementation_details', 'category', 'impact_range'];
+        foreach ($required_fields as $field) {
+            if (empty($_POST[$field])) {
+                throw new Exception('Please fill in all required fields.');
+            }
+        }
+
+        // Generate Request Number
+        $department = $_POST['department_name'];
+        $yearMonth = date('Ym');
+
+        // Find the last running number for this department and month
+        $stmt = $pdo->prepare('SELECT request_number FROM ChangeRequests WHERE request_number LIKE ? ORDER BY request_number DESC LIMIT 1');
+        $stmt->execute(["RSS/$department/$yearMonth/%"]);
+        $lastRequest = $stmt->fetch();
+
+        $runningNumber = 1;
+        if ($lastRequest) {
+            $parts = explode('/', $lastRequest['request_number']);
+            $lastRunningNumber = (int)end($parts);
+            $runningNumber = $lastRunningNumber + 1;
+        }
+
+        $requestNumber = sprintf('RSS/%s/%s/%03d', $department, $yearMonth, $runningNumber);
+
+        $stmt = $pdo->prepare(
+            'INSERT INTO ChangeRequests (request_number, company, hq_name, department_name, requester_name, extension, issued_date, desired_date, request_title, background_purpose, implementation_details, quantitative_effect, basis_of_calculation, qualitative_effect, category, impact_range, status, approval_level_pending) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)'
+        );
+
+        $stmt->execute([
+            $requestNumber,
+            $_POST['company'],
+            $_POST['hq_name'],
+            $_POST['department_name'],
+            $_POST['requester_name'],
+            $_POST['extension'] ?? null,
+            $_POST['issued_date'],
+            $_POST['desired_date'] ?? null,
+            $_POST['request_title'],
+            $_POST['background_purpose'],
+            $_POST['implementation_details'],
+            $_POST['quantitative_effect'] ?? null,
+            $_POST['basis_of_calculation'] ?? null,
+            $_POST['qualitative_effect'] ?? null,
+            $_POST['category'],
+            $_POST['impact_range'],
+            'Pending Approval', // Initial status
+            'Dept Manager/GM' // Initial approval level
+        ]);
+
+        $success_message = 'Request submitted successfully!';
+    } catch (Exception $e) {
+        $error_message = 'Error: ' . $e->getMessage();
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Create Program Change Request</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+</head>
+<body>
+    <div class="container mt-5">
+        <div style="text-align: right; margin-bottom: 20px;">
+            Logged in as <strong><?php echo htmlspecialchars($_SESSION['username']); ?></strong> | <a href="logout.php">Logout</a>
+        </div>
+        <h1>Create Program Change Request</h1>
+        
+        <?php if ($success_message): ?>
+            <div class="alert alert-success"><?php echo $success_message; ?></div>
+        <?php endif; ?>
+        <?php if ($error_message): ?>
+            <div class="alert alert-danger"><?php echo $error_message; ?></div>
+        <?php endif; ?>
+
+        <form action="create_request.php" method="POST">
+            <div class="row">
+                <div class="col-md-6 mb-3">
+                    <label for="company" class="form-label">Company / 会社名 *</label>
+                    <input type="text" class="form-control" id="company" name="company" required>
+                </div>
+                <div class="col-md-6 mb-3">
+                    <label for="hq_name" class="form-label">Headquarters / 本部名 *</label>
+                    <input type="text" class="form-control" id="hq_name" name="hq_name" required>
+                </div>
+            </div>
+            <div class="row">
+                <div class="col-md-6 mb-3">
+                    <label for="department_name" class="form-label">Department / 部署名 *</label>
+                    <select class="form-select" id="department_name" name="department_name" required>
+                        <option value="">Select a department</option>
+                        <option value="Sales">Sales</option>
+                        <option value="Marketing">Marketing</option>
+                        <option value="Engineering">Engineering</option>
+                        <option value="HR">HR</option>
+                        <option value="Other">Other</option>
+                    </select>
+                </div>
+                <div class="col-md-6 mb-3">
+                    <label for="requester_name" class="form-label">Requester Name / 依頼者名 *</label>
+                    <input type="text" class="form-control" id="requester_name" name="requester_name" value="<?php echo htmlspecialchars($_SESSION['username']); ?>" required>
+                </div>
+            </div>
+            <div class="row">
+                 <div class="col-md-4 mb-3">
+                    <label for="extension" class="form-label">Extension / 内線</label>
+                    <input type="text" class="form-control" id="extension" name="extension">
+                </div>
+                <div class="col-md-4 mb-3">
+                    <label for="issued_date" class="form-label">Issued Date / 発行日 *</label>
+                    <input type="date" class="form-control" id="issued_date" name="issued_date" required>
+                </div>
+                <div class="col-md-4 mb-3">
+                    <label for="desired_date" class="form-label">Desired Date / 希望納期</label>
+                    <input type="date" class="form-control" id="desired_date" name="desired_date">
+                </div>
+            </div>
+
+            <div class="mb-3">
+                <label for="request_title" class="form-label">Request Title / 依頼件名 *</label>
+                <input type="text" class="form-control" id="request_title" name="request_title" required>
+            </div>
+
+            <div class="mb-3">
+                <label for="background_purpose" class="form-label">Background & Purpose / 背景・目的 *</label>
+                <textarea class="form-control" id="background_purpose" name="background_purpose" rows="3" required></textarea>
+            </div>
+
+            <div class="mb-3">
+                <label for="implementation_details" class="form-label">Implementation Details / 内容 *</label>
+                <textarea class="form-control" id="implementation_details" name="implementation_details" rows="5" required></textarea>
+            </div>
+
+             <div class="row">
+                <div class="col-md-6 mb-3">
+                    <label for="category" class="form-label">Category / カテゴリー *</label>
+                    <select class="form-select" id="category" name="category" required>
+                        <option value="">Select a category</option>
+                        <option value="Legal">Legal / 法改正</option>
+                        <option value="Business Challenge">Business Challenge / 経営課題</option>
+                        <option value="Cust. Complaint">Cust. Complaint / 顧客クレーム</option>
+                        <option value="Cust. Request">Cust. Request / 顧客要望</option>
+                        <option value="Settings/Conversions">Settings/Conversions / 設定変更・変換</option>
+                        <option value="Improvement">Improvement / 改善</option>
+                        <option value="Other">Other / その他</option>
+                    </select>
+                </div>
+                <div class="col-md-6 mb-3">
+                    <label for="impact_range" class="form-label">Impact Range / 影響範囲 *</label>
+                    <select class="form-select" id="impact_range" name="impact_range" required>
+                        <option value="">Select impact range</option>
+                        <option value="All ROHM">All ROHM / 全社</option>
+                        <option value="Within Headquarters">Within Headquarters / 本部内</option>
+                        <option value="Within Dept/Div">Within Dept/Div / 部門内</option>
+                        <option value="Other">Other / その他</option>
+                    </select>
+                </div>
+            </div>
+
+            <button type="submit" class="btn btn-primary">Submit Request</button>
+            <a href="index.php" class="btn btn-secondary">Back to Home</a>
+        </form>
+    </div>
+</body>
+</html>
diff --git a/create_role.php b/create_role.php
new file mode 100644
index 0000000..4b5a24d
--- /dev/null
+++ b/create_role.php
@@ -0,0 +1,15 @@
+<?php
+require_once 'db/config.php';
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    $name = $_POST['role_name'];
+    $department_id = $_POST['department_id'];
+    try {
+        $stmt = db()->prepare("INSERT INTO roles (name, department_id) VALUES (?, ?)");
+        $stmt->execute([$name, $department_id]);
+        header('Location: user_management.php');
+    } catch (PDOException $e) {
+        echo "Error: " . $e->getMessage();
+    }
+}
+?>
\ No newline at end of file
diff --git a/create_user.php b/create_user.php
new file mode 100644
index 0000000..2314fc7
--- /dev/null
+++ b/create_user.php
@@ -0,0 +1,46 @@
+<?php
+session_start();
+require_once 'db/config.php';
+
+if (!isset($_SESSION['user_id']) || $_SESSION['role'] !== 'Admin') {
+    // Redirect non-admins to the dashboard or a permissions error page
+    header('Location: user_management.php?error=unauthorized');
+    exit;
+}
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $username = $_POST['username'] ?? '';
+    $email = $_POST['email'] ?? '';
+    $password = $_POST['password'] ?? '';
+    $role_id = $_POST['role_id'] ?? '';
+
+    if (empty($username) || empty($email) || empty($password) || empty($role_id)) {
+        header('Location: user_management.php?error=missing_fields');
+        exit;
+    }
+
+    try {
+        $pdo = db();
+        $stmt = $pdo->prepare("SELECT * FROM users WHERE username = ? OR email = ?");
+        $stmt->execute([$username, $email]);
+        if ($stmt->fetch()) {
+            header('Location: user_management.php?error=user_exists');
+            exit;
+        }
+
+        $hashed_password = password_hash($password, PASSWORD_DEFAULT);
+
+        $division_id = $_POST['division_id'] ?? null;
+        $department_id = $_POST['department_id'] ?? null;
+
+        $stmt = $pdo->prepare("INSERT INTO users (username, email, password, role_id, division_id, department_id) VALUES (?, ?, ?, ?, ?, ?)");
+        $stmt->execute([$username, $email, $hashed_password, $role_id, $division_id, $department_id]);
+
+        header('Location: user_management.php?success=user_created');
+        exit;
+
+    } catch (PDOException $e) {
+        header('Location: user_management.php?error=db_error');
+        exit;
+    }
+}
\ No newline at end of file
diff --git a/dashboard.php b/dashboard.php
new file mode 100644
index 0000000..6391a5d
--- /dev/null
+++ b/dashboard.php
@@ -0,0 +1,41 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])) {
+    header('Location: login.php');
+    exit;
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Dashboard</title>
+    <style>
+        body { font-family: Inter, system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif; background-color: #F7F9FC; color: #333; margin: 0; padding: 20px; display: flex; justify-content: center; align-items: center; height: 100vh; }
+        .container { max-width: 800px; margin: 0 auto; background-color: #FFFFFF; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); padding: 40px; text-align: center; }
+        h1 { color: #4A90E2; margin-bottom: 30px; }
+        .nav-links a { display: block; background-color: #4A90E2; color: white; padding: 15px 20px; margin: 10px 0; border-radius: 5px; text-decoration: none; font-size: 18px; transition: background-color 0.3s; }
+        .nav-links a:hover { background-color: #357ABD; }
+        .logout-link { margin-top: 30px; }
+        .logout-link a { color: #E35050; text-decoration: none; }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div style="text-align: right; position: absolute; top: 20px; right: 20px;">
+            Logged in as <strong><?php echo htmlspecialchars($_SESSION['username']); ?></strong>
+        </div>
+        <h1>Dashboard</h1>
+        <div class="nav-links">
+            <a href="request_dashboard.php">Program Change Requests</a>
+            <?php if (isset($_SESSION['role']) && $_SESSION['role'] === 'Admin'): ?>
+                <a href="user_management.php">User Management</a>
+            <?php endif; ?>
+        </div>
+        <div class="logout-link">
+            <a href="logout.php">Logout</a>
+        </div>
+    </div>
+</body>
+</html>
\ No newline at end of file
diff --git a/db/migrations/001_create_tables.sql b/db/migrations/001_create_tables.sql
new file mode 100644
index 0000000..4d7521e
--- /dev/null
+++ b/db/migrations/001_create_tables.sql
@@ -0,0 +1,35 @@
+CREATE TABLE IF NOT EXISTS `ChangeRequests` (
+    `id` INT AUTO_INCREMENT PRIMARY KEY,
+    `system_receipt_no` VARCHAR(255) NULL,
+    `request_mgmt_no` VARCHAR(255) NULL,
+    `company` VARCHAR(255) NOT NULL,
+    `hq_name` VARCHAR(255) NOT NULL,
+    `department_name` VARCHAR(255) NOT NULL,
+    `requester_name` VARCHAR(255) NOT NULL,
+    `extension` VARCHAR(255) NULL,
+    `issued_date` DATE NOT NULL,
+    `desired_date` DATE NULL,
+    `has_attachment` BOOLEAN DEFAULT FALSE,
+    `request_title` VARCHAR(255) NOT NULL,
+    `background_purpose` TEXT NOT NULL,
+    `implementation_details` TEXT NOT NULL,
+    `quantitative_effect` TEXT NULL,
+    `basis_of_calculation` TEXT NULL,
+    `qualitative_effect` TEXT NULL,
+    `category` ENUM('Legal', 'Business Challenge', 'Cust. Complaint', 'Cust. Request', 'Settings/Conversions', 'Improvement', 'Other') NOT NULL,
+    `impact_range` ENUM('All ROHM', 'Within Headquarters', 'Within Dept/Div', 'Other') NOT NULL,
+    `workload_estimation` DECIMAL(10, 2) NULL,
+    `scheduled_start_date` DATE NULL,
+    `system_div_comments` TEXT NULL,
+    `effect_confirmation_required` BOOLEAN DEFAULT FALSE,
+    `actual_effect_amount` DECIMAL(10, 2) NULL,
+    `status` ENUM('Draft', 'Dept_Approval_Pending', 'System_Reception', 'Under_Consideration', 'In_Progress', 'Completed', 'Rejected') DEFAULT 'Draft'
+);
+
+CREATE TABLE IF NOT EXISTS `Attachments` (
+    `id` INT AUTO_INCREMENT PRIMARY KEY,
+    `request_id` INT NOT NULL,
+    `file_path` VARCHAR(255) NOT NULL,
+    `file_name` VARCHAR(255) NOT NULL,
+    FOREIGN KEY (`request_id`) REFERENCES `ChangeRequests`(`id`) ON DELETE CASCADE
+);
diff --git a/db/migrations/002_create_users_table.sql b/db/migrations/002_create_users_table.sql
new file mode 100644
index 0000000..5cca067
--- /dev/null
+++ b/db/migrations/002_create_users_table.sql
@@ -0,0 +1,8 @@
+CREATE TABLE IF NOT EXISTS `users` (
+  `id` INT AUTO_INCREMENT PRIMARY KEY,
+  `username` VARCHAR(255) NOT NULL UNIQUE,
+  `email` VARCHAR(255) NOT NULL UNIQUE,
+  `password` VARCHAR(255) NOT NULL,
+  `role` ENUM('Requester', 'Dept Manager/GM', 'System Div Admin', 'Planning Dept', 'System GM', 'Admin') NOT NULL DEFAULT 'Requester',
+  `created_at` TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
diff --git a/db/migrations/003_add_approval_flow.sql b/db/migrations/003_add_approval_flow.sql
new file mode 100644
index 0000000..2ad625c
--- /dev/null
+++ b/db/migrations/003_add_approval_flow.sql
@@ -0,0 +1,7 @@
+
+ALTER TABLE `users` ADD COLUMN `department` VARCHAR(255) NULL;
+
+ALTER TABLE `ChangeRequests`
+    ADD COLUMN `approval_level_pending` ENUM('Dept Manager/GM', 'System Div Admin', 'Planning Dept', 'System GM', 'None') DEFAULT 'Dept Manager/GM',
+    ADD COLUMN `rejection_reason` TEXT NULL,
+    MODIFY COLUMN `status` ENUM('Draft', 'Pending Approval', 'Approved', 'Rejected', 'In Progress', 'Completed') DEFAULT 'Draft';
diff --git a/db/migrations/004_add_request_number.sql b/db/migrations/004_add_request_number.sql
new file mode 100644
index 0000000..e70e1f1
--- /dev/null
+++ b/db/migrations/004_add_request_number.sql
@@ -0,0 +1 @@
+ALTER TABLE `ChangeRequests` ADD `request_number` VARCHAR(255) NULL AFTER `id`;
\ No newline at end of file
diff --git a/db/migrations/005_add_organization_structure.sql b/db/migrations/005_add_organization_structure.sql
new file mode 100644
index 0000000..903ad7b
--- /dev/null
+++ b/db/migrations/005_add_organization_structure.sql
@@ -0,0 +1,23 @@
+CREATE TABLE divisions (
+    id INT AUTO_INCREMENT PRIMARY KEY,
+    name VARCHAR(255) NOT NULL UNIQUE
+);
+
+CREATE TABLE departments (
+    id INT AUTO_INCREMENT PRIMARY KEY,
+    name VARCHAR(255) NOT NULL,
+    division_id INT NOT NULL,
+    FOREIGN KEY (division_id) REFERENCES divisions(id) ON DELETE CASCADE
+);
+
+CREATE TABLE roles (
+    id INT AUTO_INCREMENT PRIMARY KEY,
+    name VARCHAR(255) NOT NULL,
+    department_id INT NOT NULL,
+    FOREIGN KEY (department_id) REFERENCES departments(id) ON DELETE CASCADE
+);
+
+ALTER TABLE users
+ADD COLUMN division_id INT,
+ADD COLUMN department_id INT,
+ADD COLUMN role_id INT;
\ No newline at end of file
diff --git a/db/migrations/006_remove_old_user_columns.sql b/db/migrations/006_remove_old_user_columns.sql
new file mode 100644
index 0000000..4992584
--- /dev/null
+++ b/db/migrations/006_remove_old_user_columns.sql
@@ -0,0 +1,3 @@
+-- Remove old role and department columns from users table
+ALTER TABLE users DROP COLUMN role;
+ALTER TABLE users DROP COLUMN department;
diff --git a/delete_department.php b/delete_department.php
new file mode 100644
index 0000000..0b4c773
--- /dev/null
+++ b/delete_department.php
@@ -0,0 +1,12 @@
+<?php
+require_once 'db/config.php';
+
+$id = $_GET['id'];
+
+try {
+    $stmt = db()->prepare("DELETE FROM departments WHERE id = ?");
+    $stmt->execute([$id]);
+    header('Location: user_management.php');
+} catch (PDOException $e) {
+    echo "Error: " . $e->getMessage();
+}
\ No newline at end of file
diff --git a/delete_division.php b/delete_division.php
new file mode 100644
index 0000000..4883ef4
--- /dev/null
+++ b/delete_division.php
@@ -0,0 +1,12 @@
+<?php
+require_once 'db/config.php';
+
+$id = $_GET['id'];
+
+try {
+    $stmt = db()->prepare("DELETE FROM divisions WHERE id = ?");
+    $stmt->execute([$id]);
+    header('Location: user_management.php');
+} catch (PDOException $e) {
+    echo "Error: " . $e->getMessage();
+}
\ No newline at end of file
diff --git a/delete_role.php b/delete_role.php
new file mode 100644
index 0000000..f1db049
--- /dev/null
+++ b/delete_role.php
@@ -0,0 +1,12 @@
+<?php
+require_once 'db/config.php';
+
+$id = $_GET['id'];
+
+try {
+    $stmt = db()->prepare("DELETE FROM roles WHERE id = ?");
+    $stmt->execute([$id]);
+    header('Location: user_management.php');
+} catch (PDOException $e) {
+    echo "Error: " . $e->getMessage();
+}
\ No newline at end of file
diff --git a/edit_department.php b/edit_department.php
new file mode 100644
index 0000000..0597cf4
--- /dev/null
+++ b/edit_department.php
@@ -0,0 +1,50 @@
+<?php
+require_once 'db/config.php';
+
+$id = $_GET['id'];
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    $name = $_POST['name'];
+    $division_id = $_POST['division_id'];
+    try {
+        $stmt = db()->prepare("UPDATE departments SET name = ?, division_id = ? WHERE id = ?");
+        $stmt->execute([$name, $division_id, $id]);
+        header('Location: user_management.php');
+    } catch (PDOException $e) {
+        echo "Error: " . $e->getMessage();
+    }
+}
+
+try {
+    $stmt = db()->prepare("SELECT * FROM departments WHERE id = ?");
+    $stmt->execute([$id]);
+    $department = $stmt->fetch();
+
+    $div_stmt = db()->query('SELECT id, name FROM divisions ORDER BY name');
+    $divisions = $div_stmt->fetchAll();
+} catch (PDOException $e) {
+    echo "Error: " . $e->getMessage();
+}
+?>
+
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Edit Department</title>
+</head>
+<body>
+    <h2>Edit Department</h2>
+    <form method="post">
+        <label>Department Name:</label>
+        <input type="text" name="name" value="<?= htmlspecialchars($department['name']) ?>" required>
+        <label>Division:</label>
+        <select name="division_id" required>
+            <?php foreach ($divisions as $division): ?>
+                <option value="<?= $division['id'] ?>" <?= $division['id'] == $department['division_id'] ? 'selected' : '' ?>><?= htmlspecialchars($division['name']) ?></option>
+            <?php endforeach; ?>
+        </select>
+        <button type="submit">Update</button>
+    </form>
+    <a href="user_management.php">Back to User Management</a>
+</body>
+</html>
\ No newline at end of file
diff --git a/edit_division.php b/edit_division.php
new file mode 100644
index 0000000..6b946b5
--- /dev/null
+++ b/edit_division.php
@@ -0,0 +1,40 @@
+<?php
+require_once 'db/config.php';
+
+$id = $_GET['id'];
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    $name = $_POST['name'];
+    try {
+        $stmt = db()->prepare("UPDATE divisions SET name = ? WHERE id = ?");
+        $stmt->execute([$name, $id]);
+        header('Location: user_management.php');
+    } catch (PDOException $e) {
+        echo "Error: " . $e->getMessage();
+    }
+}
+
+try {
+    $stmt = db()->prepare("SELECT * FROM divisions WHERE id = ?");
+    $stmt->execute([$id]);
+    $division = $stmt->fetch();
+} catch (PDOException $e) {
+    echo "Error: " . $e->getMessage();
+}
+?>
+
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Edit Division</title>
+</head>
+<body>
+    <h2>Edit Division</h2>
+    <form method="post">
+        <label>Division Name:</label>
+        <input type="text" name="name" value="<?= htmlspecialchars($division['name']) ?>" required>
+        <button type="submit">Update</button>
+    </form>
+    <a href="user_management.php">Back to User Management</a>
+</body>
+</html>
\ No newline at end of file
diff --git a/edit_role.php b/edit_role.php
new file mode 100644
index 0000000..00ea430
--- /dev/null
+++ b/edit_role.php
@@ -0,0 +1,50 @@
+<?php
+require_once 'db/config.php';
+
+$id = $_GET['id'];
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+    $name = $_POST['name'];
+    $department_id = $_POST['department_id'];
+    try {
+        $stmt = db()->prepare("UPDATE roles SET name = ?, department_id = ? WHERE id = ?");
+        $stmt->execute([$name, $department_id, $id]);
+        header('Location: user_management.php');
+    } catch (PDOException $e) {
+        echo "Error: " . $e->getMessage();
+    }
+}
+
+try {
+    $stmt = db()->prepare("SELECT * FROM roles WHERE id = ?");
+    $stmt->execute([$id]);
+    $role = $stmt->fetch();
+
+    $dept_stmt = db()->query('SELECT id, name FROM departments ORDER BY name');
+    $departments = $dept_stmt->fetchAll();
+} catch (PDOException $e) {
+    echo "Error: " . $e->getMessage();
+}
+?>
+
+<!DOCTYPE html>
+<html>
+<head>
+    <title>Edit Role</title>
+</head>
+<body>
+    <h2>Edit Role</h2>
+    <form method="post">
+        <label>Role Name:</label>
+        <input type="text" name="name" value="<?= htmlspecialchars($role['name']) ?>" required>
+        <label>Department:</label>
+        <select name="department_id" required>
+            <?php foreach ($departments as $department): ?>
+                <option value="<?= $department['id'] ?>" <?= $department['id'] == $role['department_id'] ? 'selected' : '' ?>><?= htmlspecialchars($department['name']) ?></option>
+            <?php endforeach; ?>
+        </select>
+        <button type="submit">Update</button>
+    </form>
+    <a href="user_management.php">Back to User Management</a>
+</body>
+</html>
\ No newline at end of file
diff --git a/edit_user.php b/edit_user.php
new file mode 100644
index 0000000..6651308
--- /dev/null
+++ b/edit_user.php
@@ -0,0 +1,108 @@
+<?php
+session_start();
+require_once 'db/config.php';
+
+if (!isset($_SESSION['user_id']) || $_SESSION['role'] !== 'Admin') {
+    header('Location: user_management.php?error=unauthorized');
+    exit;
+}
+
+$user_id = $_GET['id'] ?? null;
+if (!$user_id) {
+    header('Location: user_management.php');
+    exit;
+}
+
+$pdo = db();
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $role_id = $_POST['role_id'] ?? '';
+    $division_id = $_POST['division_id'] ?? null;
+    $department_id = $_POST['department_id'] ?? null;
+
+    if (empty($role_id)) {
+        header('Location: edit_user.php?id=' . $user_id . '&error=missing_fields');
+        exit;
+    }
+
+    try {
+        $stmt = $pdo->prepare("UPDATE users SET role_id = ?, division_id = ?, department_id = ? WHERE id = ?");
+        $stmt->execute([$role_id, $division_id, $department_id, $user_id]);
+        header('Location: user_management.php?success=user_updated');
+        exit;
+    } catch (PDOException $e) {
+        header('Location: edit_user.php?id=' . $user_id . '&error=db_error');
+        exit;
+    }
+}
+
+try {
+    // Fetch user data along with their division, department, and role IDs
+    $stmt = $pdo->prepare("SELECT u.id, u.username, u.email, u.role_id, r.department_id, d.division_id FROM users u LEFT JOIN roles r ON u.role_id = r.id LEFT JOIN departments d ON r.department_id = d.id WHERE u.id = ?");
+    $stmt->execute([$user_id]);
+    $user = $stmt->fetch();
+    if (!$user) {
+        header('Location: user_management.php?error=user_not_found');
+        exit;
+    }
+
+    // Fetch all divisions
+    $divisions = $pdo->query("SELECT id, name FROM divisions ORDER BY name")->fetchAll();
+
+} catch (PDOException $e) {
+    die('Database error: ' . $e->getMessage());
+}
+
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Edit User</title>
+    <style>
+        body { font-family: Inter, system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif; background-color: #F7F9FC; color: #333; margin: 0; padding: 20px; }
+        .container { max-width: 500px; margin: 0 auto; background-color: #FFFFFF; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); padding: 20px; }
+        h1 { color: #4A90E2; }
+        .form-label { display: block; margin-bottom: 5px; font-weight: bold; }
+        .form-control, .form-select { width: 100%; padding: 8px; margin-bottom: 10px; border-radius: 4px; border: 1px solid #ccc; }
+        .btn { padding: 10px 15px; border: none; border-radius: 4px; cursor: pointer; color: white; }
+        .btn-primary { background-color: #4A90E2; }
+        .btn-secondary { background-color: #6c757d; }
+    </style>
+</head>
+<body>
+<div class="container mt-5">
+    <h1>Edit User: <?php echo htmlspecialchars($user['username']); ?></h1>
+    <?php if (isset($_GET['error'])): ?>
+        <div class="alert alert-danger">An error occurred. Please try again.</div>
+    <?php endif; ?>
+    <form method="POST">
+        <div class="mb-3">
+            <label for="division_id" class="form-label">Division</label>
+            <select class="form-select" id="division_id" name="division_id" required>
+                <option value="">Select Division</option>
+                <?php foreach ($divisions as $division): ?>
+                    <option value="<?php echo $division['id']; ?>" <?php echo ($division['id'] == $user['division_id']) ? 'selected' : ''; ?>><?php echo htmlspecialchars($division['name']); ?></option>
+                <?php endforeach; ?>
+            </select>
+        </div>
+        <div class="mb-3">
+            <label for="department_id" class="form-label">Department</label>
+            <select class="form-select" id="department_id" name="department_id" required data-initial="<?php echo htmlspecialchars($user['department_id']); ?>">
+                <option value="">Select Department</option>
+            </select>
+        </div>
+        <div class="mb-3">
+            <label for="role_id" class="form-label">Role</label>
+            <select class="form-select" id="role_id" name="role_id" required data-initial="<?php echo htmlspecialchars($user['role_id']); ?>">
+                <option value="">Select Role</option>
+            </select>
+        </div>
+        <button type="submit" class="btn btn-primary">Update User</button>
+        <a href="user_management.php" class="btn btn-secondary">Cancel</a>
+    </form>
+</div>
+<script src="assets/js/edit_user.js?v=<?php echo time(); ?>"></script>
+</body>
+</html>
\ No newline at end of file
diff --git a/index.php b/index.php
index 7205f3d..3e83a3b 100644
--- a/index.php
+++ b/index.php
@@ -3,6 +3,7 @@ declare(strict_types=1);
 @ini_set('display_errors', '1');
 @error_reporting(E_ALL);
 @date_default_timezone_set('UTC');
+session_start();
 
 $phpVersion = PHP_VERSION;
 $now = date('Y-m-d H:i:s');
@@ -129,18 +130,46 @@ $projectImageUrl = $_SERVER['PROJECT_IMAGE_URL'] ?? '';
       font-size: 0.8rem;
       opacity: 0.7;
     }
+    .btn {
+        display: inline-block;
+        padding: 10px 20px;
+        margin: 5px;
+        border-radius: 5px;
+        text-decoration: none;
+        color: white;
+        font-weight: bold;
+        transition: background-color 0.3s;
+    }
+    .btn-primary {
+        background-color: #4A90E2;
+    }
+    .btn-primary:hover {
+        background-color: #357ABD;
+    }
+    .btn-secondary {
+        background-color: #50E3C2;
+    }
+    .btn-secondary:hover {
+        background-color: #45B8A0;
+    }
   </style>
 </head>
 <body>
   <main>
     <div class="card">
-      <h1>Analyzing your requirements and generating your website…</h1>
-      <div class="loader" role="status" aria-live="polite" aria-label="Applying initial changes">
-        <span class="sr-only">Loading…</span>
-      </div>
-      <p class="hint"><?= ($_SERVER['HTTP_HOST'] ?? '') === 'appwizzy.com' ? 'AppWizzy' : 'Flatlogic' ?> AI is collecting your requirements and applying the first changes.</p>
-      <p class="hint">This page will update automatically as the plan is implemented.</p>
-      <p>Runtime: PHP <code><?= htmlspecialchars($phpVersion) ?></code> — UTC <code><?= htmlspecialchars($now) ?></code></p>
+      <h1>Program Change Request System</h1>
+      <p>Welcome to the Program Change Request System. You can use this system to submit, track, and manage program change requests.</p>
+      
+      <?php if (isset($_SESSION['user_id'])): ?>
+        <p>Logged in as <strong><?php echo htmlspecialchars($_SESSION['username']); ?></strong>.</p>
+        <a href="create_request.php" class="btn btn-primary">Create a new Request</a>
+        <a href="request_dashboard.php" class="btn btn-secondary">View Requests</a>
+        <a href="dashboard.php" class="btn btn-secondary">Dashboard</a>
+        <a href="logout.php" class="btn btn-secondary">Logout</a>
+      <?php else: ?>
+        <a href="login.php" class="btn btn-primary">Login</a>
+        <a href="register.php" class="btn btn-secondary">Register</a>
+      <?php endif; ?>
     </div>
   </main>
   <footer>
diff --git a/login.php b/login.php
new file mode 100644
index 0000000..d5e6bd1
--- /dev/null
+++ b/login.php
@@ -0,0 +1,78 @@
+<?php
+session_start();
+require_once 'db/config.php';
+
+$error = '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $username = $_POST['username'] ?? '';
+    $password = $_POST['password'] ?? '';
+
+    if (empty($username) || empty($password)) {
+        $error = 'Please fill in both fields.';
+    } else {
+        try {
+            $stmt = db()->prepare("SELECT * FROM users WHERE username = ?");
+            $stmt->execute([$username]);
+            $user = $stmt->fetch();
+
+            if ($user && password_verify($password, $user['password'])) {
+                $_SESSION['user_id'] = $user['id'];
+                $_SESSION['username'] = $user['username'];
+                $_SESSION['role'] = $user['role'];
+                $_SESSION['department'] = $user['department'];
+                header("Location: request_dashboard.php");
+                exit;
+            } else {
+                $error = 'Invalid username or password.';
+            }
+        } catch (PDOException $e) {
+            $error = "DB Error: " . $e->getMessage();
+        }
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Login</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <style>
+        body {
+            background-color: #f7f9fc;
+        }
+        .container {
+            max-width: 400px;
+            margin-top: 100px;
+            background-color: #fff;
+            padding: 40px;
+            border-radius: 10px;
+            box-shadow: 0 4px 20px rgba(0,0,0,0.1);
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h2 class="text-center mb-4">Login</h2>
+        <?php if ($error): ?>
+            <div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
+        <?php endif; ?>
+        <form method="POST">
+            <div class="mb-3">
+                <label for="username" class="form-label">Username</label>
+                <input type="text" class="form-control" id="username" name="username" required>
+            </div>
+            <div class="mb-3">
+                <label for="password" class="form-label">Password</label>
+                <input type="password" class="form-control" id="password" name="password" required>
+            </div>
+            <button type="submit" class="btn btn-primary w-100">Login</button>
+        </form>
+        <div class="text-center mt-3">
+            <p>Don't have an account? <a href="register.php">Register here</a></p>
+        </div>
+    </div>
+</body>
+</html>
diff --git a/logout.php b/logout.php
new file mode 100644
index 0000000..766a593
--- /dev/null
+++ b/logout.php
@@ -0,0 +1,6 @@
+<?php
+session_start();
+session_unset();
+session_destroy();
+header("Location: login.php");
+exit;
diff --git a/register.php b/register.php
new file mode 100644
index 0000000..7734d81
--- /dev/null
+++ b/register.php
@@ -0,0 +1,90 @@
+<?php
+require_once 'db/config.php';
+
+$error = '';
+$success = '';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $username = $_POST['username'] ?? '';
+    $email = $_POST['email'] ?? '';
+    $password = $_POST['password'] ?? '';
+    $confirm_password = $_POST['confirm_password'] ?? '';
+
+    if (empty($username) || empty($email) || empty($password) || empty($confirm_password)) {
+        $error = 'Please fill in all fields.';
+    } elseif ($password !== $confirm_password) {
+        $error = 'Passwords do not match.';
+    } else {
+        try {
+            $stmt = db()->prepare("SELECT * FROM users WHERE username = ? OR email = ?");
+            $stmt->execute([$username, $email]);
+            if ($stmt->fetch()) {
+                $error = 'Username or email already exists.';
+            } else {
+                $hashed_password = password_hash($password, PASSWORD_DEFAULT);
+                $stmt = db()->prepare("INSERT INTO users (username, email, password) VALUES (?, ?, ?)");
+                $stmt->execute([$username, $email, $hashed_password]);
+                $success = 'Registration successful! You can now <a href="login.php">login</a>.';
+            }
+        } catch (PDOException $e) {
+            $error = "DB Error: " . $e->getMessage();
+        }
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Register</title>
+    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css" rel="stylesheet">
+    <style>
+        body {
+            background-color: #f7f9fc;
+        }
+        .container {
+            max-width: 400px;
+            margin-top: 100px;
+            background-color: #fff;
+            padding: 40px;
+            border-radius: 10px;
+            box-shadow: 0 4px 20px rgba(0,0,0,0.1);
+        }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h2 class="text-center mb-4">Register</h2>
+        <?php if ($error): ?>
+            <div class="alert alert-danger"><?= htmlspecialchars($error) ?></div>
+        <?php endif; ?>
+        <?php if ($success): ?>
+            <div class="alert alert-success"><?= $success ?></div>
+        <?php else: ?>
+        <form method="POST">
+            <div class="mb-3">
+                <label for="username" class="form-label">Username</label>
+                <input type="text" class="form-control" id="username" name="username" required>
+            </div>
+            <div class="mb-3">
+                <label for="email" class="form-label">Email</label>
+                <input type="email" class="form-control" id="email" name="email" required>
+            </div>
+            <div class="mb-3">
+                <label for="password" class="form-label">Password</label>
+                <input type="password" class="form-control" id="password" name="password" required>
+            </div>
+            <div class="mb-3">
+                <label for="confirm_password" class="form-label">Confirm Password</label>
+                <input type="password" class-="form-control" id="confirm_password" name="confirm_password" required>
+            </div>
+            <button type="submit" class="btn btn-primary w-100">Register</button>
+        </form>
+        <?php endif; ?>
+        <div class="text-center mt-3">
+            <p>Already have an account? <a href="login.php">Login here</a></p>
+        </div>
+    </div>
+</body>
+</html>
diff --git a/request_dashboard.php b/request_dashboard.php
new file mode 100644
index 0000000..e014671
--- /dev/null
+++ b/request_dashboard.php
@@ -0,0 +1,150 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])) {
+    header('Location: login.php');
+    exit;
+}
+require_once 'db/config.php';
+
+try {
+    $pdo = db();
+
+    // Default status filter
+    $status_filter = $_GET['status'] ?? null;
+
+    $sql = 'SELECT id, request_number, request_title, status, requester_name, issued_date, department_name, approval_level_pending FROM ChangeRequests';
+    $params = [];
+
+    // Role-based filtering for default view
+    if (isset($_SESSION['role']) && $_SESSION['role'] === 'Admin' && empty($status_filter)) {
+        $status_filter = 'Pending Approval';
+    }
+
+    if ($status_filter && $status_filter !== 'All') {
+        $sql .= ' WHERE status = :status';
+        $params[':status'] = $status_filter;
+    }
+
+    $sql .= ' ORDER BY issued_date DESC';
+
+    $stmt = $pdo->prepare($sql);
+    $stmt->execute($params);
+    $requests = $stmt->fetchAll(PDO::FETCH_ASSOC);
+} catch (PDOException $e) {
+    die("Database error: " . $e->getMessage());
+}
+
+function getStatusColor($status) {
+    switch ($status) {
+        case 'Draft':
+            return 'grey';
+        case 'Pending Approval':
+            return 'orange';
+        case 'Approved':
+            return 'green';
+        case 'Rejected':
+            return 'red';
+        case 'In Progress':
+            return 'blue';
+        case 'Completed':
+            return 'purple';
+        default:
+            return 'black';
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>Change Requests Dashboard</title>
+    <style>
+        body { font-family: Inter, system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif; background-color: #F7F9FC; color: #333; margin: 0; padding: 20px; }
+        .container { max-width: 1200px; margin: 0 auto; background-color: #FFFFFF; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); padding: 20px; }
+        h1 { color: #4A90E2; }
+        table { width: 100%; border-collapse: collapse; margin-top: 20px; }
+        th, td { padding: 12px; border-bottom: 1px solid #ddd; text-align: left; vertical-align: middle; }
+        th { background-color: #f2f2f2; }
+        .status { padding: 5px 10px; border-radius: 15px; color: white; font-weight: bold; }
+        .actions form { display: inline-block; margin-right: 5px; }
+        .actions button {
+            padding: 6px 12px;
+            border: none;
+            border-radius: 4px;
+            cursor: pointer;
+            color: white;
+            font-weight: bold;
+        }
+        .actions button[value="approve"] { background-color: #50E3C2; }
+        .actions button[value="reject"] { background-color: #E35050; }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div style="text-align: right; margin-bottom: 20px;">
+            Logged in as <strong><?php echo htmlspecialchars($_SESSION['username']); ?></strong> | <a href="logout.php">Logout</a>
+        </div>
+        <h1>Program Change Requests Dashboard</h1>
+        <div class="filters" style="margin-bottom: 20px;">
+            <strong>Filter by status:</strong>
+            <a href="request_dashboard.php?status=All">All</a> |
+            <a href="request_dashboard.php?status=Pending Approval">Pending Approval</a> |
+            <a href="request_dashboard.php?status=Approved">Approved</a> |
+            <a href="request_dashboard.php?status=Rejected">Rejected</a>
+        </div>
+        <table>
+            <thead>
+                <tr>
+                    <th>Request No.</th>
+                    <th>Title</th>
+                    <th>Requester</th>
+                    <th>Department</th>
+                    <th>Issued Date</th>
+                    <th>Status</th>
+                    <th>Pending Approval From</th>
+                    <th>Actions</th>
+                </tr>
+            </thead>
+            <tbody>
+                <?php if (empty($requests)): ?>
+                    <tr>
+                        <td colspan="8" style="text-align:center;">No change requests found.</td>
+                    </tr>
+                <?php else: ?>
+                    <?php foreach ($requests as $request): ?>
+                        <tr>
+                            <td><?php echo htmlspecialchars($request['request_number'] ?? 'N/A'); ?></td>
+                            <td><a href="view_request.php?id=<?php echo $request['id']; ?>"><?php echo htmlspecialchars($request['request_title']); ?></a></td>
+                            <td><?php echo htmlspecialchars($request['requester_name']); ?></td>
+                            <td><?php echo htmlspecialchars($request['department_name']); ?></td>
+                            <td><?php echo htmlspecialchars($request['issued_date']); ?></td>
+                            <td>
+                                <span class="status" style="background-color: <?php echo getStatusColor($request['status']); ?>;">
+                                    <?php echo htmlspecialchars(str_replace('_', ' ', $request['status'])); ?>
+                                </span>
+                            </td>
+                            <td><?php echo htmlspecialchars($request['approval_level_pending']); ?></td>
+                            <td class="actions">
+                                <?php 
+                                if ($request['status'] === 'Pending Approval' && 
+                                    isset($_SESSION['role']) && $_SESSION['role'] === $request['approval_level_pending'] && 
+                                    isset($_SESSION['department']) && $_SESSION['department'] === $request['department_name']): 
+                                ?>
+                                    <form action="approve_request.php" method="POST">
+                                        <input type="hidden" name="request_id" value="<?php echo $request['id']; ?>">
+                                        <button type="submit" name="action" value="approve">Approve</button>
+                                        <button type="submit" name="action" value="reject">Reject</button>
+                                    </form>
+                                <?php endif; ?>
+                            </td>
+                        </tr>
+                    <?php endforeach; ?>
+                <?php endif; ?>
+            </tbody>
+        </table>
+        <br>
+        <a href="dashboard.php">Menu</a>
+    </div>
+</body>
+</html>
diff --git a/update_status.php b/update_status.php
new file mode 100644
index 0000000..1043d02
--- /dev/null
+++ b/update_status.php
@@ -0,0 +1,33 @@
+<?php
+require_once 'db/config.php';
+
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+    $requestId = $_POST['request_id'] ?? null;
+    $action = $_POST['action'] ?? null;
+
+    if ($requestId && $action) {
+        $newStatus = null;
+        if ($action === 'approve') {
+            $newStatus = 'System_Reception';
+        } elseif ($action === 'reject') {
+            $newStatus = 'Rejected';
+        }
+
+        if ($newStatus) {
+            try {
+                $pdo = db();
+                $stmt = $pdo->prepare('UPDATE ChangeRequests SET status = :status WHERE id = :id AND status = :current_status');
+                $stmt->execute([
+                    ':status' => $newStatus,
+                    ':id' => $requestId,
+                    ':current_status' => 'Dept_Approval_Pending'
+                ]);
+            } catch (PDOException $e) {
+                die("Database error: " . $e->getMessage());
+            }
+        }
+    }
+}
+
+header('Location: request_dashboard.php');
+exit;
diff --git a/user_management.php b/user_management.php
new file mode 100644
index 0000000..ce6a8d5
--- /dev/null
+++ b/user_management.php
@@ -0,0 +1,262 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id']) || $_SESSION['role'] !== 'Admin') {
+    header('Location: login.php');
+    exit;
+}
+require_once 'db/config.php';
+
+try {
+    $pdo = db();
+    // Fetch users
+    $stmt = $pdo->query('SELECT u.id, u.username, u.email, u.created_at, r.name as role_name, d.name as department_name, dv.name as division_name FROM users u LEFT JOIN roles r ON u.role_id = r.id LEFT JOIN departments d ON r.department_id = d.id LEFT JOIN divisions dv ON d.division_id = dv.id ORDER BY u.created_at DESC');
+    $users = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    // Fetch divisions
+    $div_stmt = $pdo->query('SELECT id, name FROM divisions ORDER BY name');
+    $divisions = $div_stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    // Fetch departments
+    $dept_stmt = $pdo->query('SELECT d.id, d.name, v.name as division_name FROM departments d JOIN divisions v ON d.division_id = v.id ORDER BY v.name, d.name');
+    $departments = $dept_stmt->fetchAll(PDO::FETCH_ASSOC);
+
+    // Fetch roles
+    $role_stmt = $pdo->query('SELECT r.id, r.name, d.name as department_name FROM roles r JOIN departments d ON r.department_id = d.id ORDER BY d.name, r.name');
+    $roles = $role_stmt->fetchAll(PDO::FETCH_ASSOC);
+
+} catch (PDOException $e) {
+    echo "<div class='alert alert-danger'>Database error: " . $e->getMessage() . "</div>";
+    $users = [];
+    $divisions = [];
+    $departments = [];
+    $roles = [];
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>User Management</title>
+    <style>
+        body { font-family: Inter, system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif; background-color: #F7F9FC; color: #333; margin: 0; padding: 20px; }
+        .container { max-width: 1200px; margin: 0 auto; background-color: #FFFFFF; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); padding: 20px; }
+        h1, h3 { color: #4A90E2; }
+        table { width: 100%; border-collapse: collapse; margin-top: 20px; }
+        th, td { padding: 12px; border-bottom: 1px solid #ddd; text-align: left; }
+        th { background-color: #f2f2f2; }
+        .alert { padding: 15px; margin-bottom: 20px; border-radius: 4px; }
+        .alert-danger { background-color: #f8d7da; color: #721c24; border: 1px solid #f5c6cb; }
+        .alert-success { background-color: #d4edda; color: #155724; border: 1px solid #c3e6cb; }
+        .form-label { display: block; margin-bottom: 5px; font-weight: bold; }
+        .form-control, .form-select { width: 100%; padding: 8px; margin-bottom: 10px; border-radius: 4px; border: 1px solid #ccc; }
+        .btn { padding: 10px 15px; border: none; border-radius: 4px; cursor: pointer; color: white; }
+        .btn-primary { background-color: #4A90E2; }
+        .mt-5 { margin-top: 3rem !important; }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <div style="text-align: right; margin-bottom: 20px;">
+            Logged in as <strong><?php echo htmlspecialchars($_SESSION['username']); ?></strong> | <a href="logout.php">Logout</a>
+        </div>
+        <h1>User Management</h1>
+
+        <!-- All Users -->
+        <h3>All Users</h3>
+        <table>
+            <thead>
+                <tr>
+                    <th>ID</th>
+                    <th>Username</th>
+                    <th>Email</th>
+                    <th>Division</th>
+                    <th>Department</th>
+                    <th>Role</th>
+                    <th>Registered At</th>
+                    <th>Actions</th>
+                </tr>
+            </thead>
+            <tbody>
+                <?php foreach ($users as $user): ?>
+                    <tr>
+                        <td><?php echo htmlspecialchars($user['id']); ?></td>
+                        <td><?php echo htmlspecialchars($user['username']); ?></td>
+                        <td><?php echo htmlspecialchars($user['email']); ?></td>
+                        <td><?php echo htmlspecialchars($user['division_name'] ?? 'N/A'); ?></td>
+                        <td><?php echo htmlspecialchars($user['department_name'] ?? 'N/A'); ?></td>
+                        <td><?php echo htmlspecialchars($user['role_name'] ?? 'N/A'); ?></td>
+                        <td><?php echo htmlspecialchars($user['created_at']); ?></td>
+                        <td><a href="edit_user.php?id=<?php echo $user['id']; ?>" class="btn btn-sm btn-primary">Edit</a></td>
+                    </tr>
+                <?php endforeach; ?>
+            </tbody>
+        </table>
+
+        <!-- Divisions -->
+        <h3 class="mt-5">Manage Divisions</h3>
+        <table>
+            <thead><tr><th>ID</th><th>Division Name</th><th>Actions</th></tr></thead>
+            <tbody>
+                <?php foreach ($divisions as $division): ?>
+                <tr>
+                    <td><?php echo htmlspecialchars($division['id']); ?></td>
+                    <td><?php echo htmlspecialchars($division['name']); ?></td>
+                    <td>
+                        <a href="edit_division.php?id=<?php echo $division['id']; ?>">Edit</a> |
+                        <a href="delete_division.php?id=<?php echo $division['id']; ?>" onclick="return confirm('Are you sure?')">Delete</a>
+                    </td>
+                </tr>
+                <?php endforeach; ?>
+            </tbody>
+        </table>
+        <form action="create_division.php" method="POST" style="max-width: 500px; margin-top:1rem;">
+            <input type="text" name="division_name" placeholder="New Division Name" required class="form-control">
+            <button type="submit" class="btn btn-primary">Add Division</button>
+        </form>
+
+        <!-- Departments -->
+        <h3 class="mt-5">Manage Departments</h3>
+        <table>
+            <thead><tr><th>ID</th><th>Department Name</th><th>Division</th><th>Actions</th></tr></thead>
+            <tbody>
+                <?php foreach ($departments as $department): ?>
+                <tr>
+                    <td><?php echo htmlspecialchars($department['id']); ?></td>
+                    <td><?php echo htmlspecialchars($department['name']); ?></td>
+                    <td><?php echo htmlspecialchars($department['division_name']); ?></td>
+                    <td>
+                        <a href="edit_department.php?id=<?php echo $department['id']; ?>">Edit</a> |
+                        <a href="delete_department.php?id=<?php echo $department['id']; ?>" onclick="return confirm('Are you sure?')">Delete</a>
+                    </td>
+                </tr>
+                <?php endforeach; ?>
+            </tbody>
+        </table>
+        <form action="create_department.php" method="POST" style="max-width: 500px; margin-top:1rem;">
+            <select name="division_id" required class="form-select">
+                <option value="">Select Division</option>
+                <?php foreach ($divisions as $division): ?>
+                <option value="<?php echo $division['id']; ?>"><?php echo htmlspecialchars($division['name']); ?></option>
+                <?php endforeach; ?>
+            </select>
+            <input type="text" name="department_name" placeholder="New Department Name" required class="form-control">
+            <button type="submit" class="btn btn-primary">Add Department</button>
+        </form>
+
+        <!-- Roles -->
+        <h3 class="mt-5">Manage Roles</h3>
+        <table>
+            <thead><tr><th>ID</th><th>Role Name</th><th>Department</th><th>Actions</th></tr></thead>
+            <tbody>
+                <?php foreach ($roles as $role): ?>
+                <tr>
+                    <td><?php echo htmlspecialchars($role['id']); ?></td>
+                    <td><?php echo htmlspecialchars($role['name']); ?></td>
+                    <td><?php echo htmlspecialchars($role['department_name']); ?></td>
+                    <td>
+                        <a href="edit_role.php?id=<?php echo $role['id']; ?>">Edit</a> |
+                        <a href="delete_role.php?id=<?php echo $role['id']; ?>" onclick="return confirm('Are you sure?')">Delete</a>
+                    </td>
+                </tr>
+                <?php endforeach; ?>
+            </tbody>
+        </table>
+        <form action="create_role.php" method="POST" style="max-width: 500px; margin-top:1rem;">
+            <select name="department_id" required class="form-select">
+                <option value="">Select Department</option>
+                <?php foreach ($departments as $department): ?>
+                <option value="<?php echo $department['id']; ?>"><?php echo htmlspecialchars($department['name']); ?> (<?php echo htmlspecialchars($department['division_name']); ?>)</option>
+                <?php endforeach; ?>
+            </select>
+            <input type="text" name="role_name" placeholder="New Role Name" required class="form-control">
+            <button type="submit" class="btn btn-primary">Add Role</button>
+        </form>
+
+        <!-- Create New User -->
+        <h3 class="mt-5">Create New User</h3>
+        <form action="create_user.php" method="POST" style="max-width: 500px;">
+            <div class="mb-3">
+                <label for="new_username" class="form-label">Username</label>
+                <input type="text" class="form-control" id="new_username" name="username" required>
+            </div>
+            <div class="mb-3">
+                <label for="new_email" class="form-label">Email</label>
+                <input type="email" class="form-control" id="new_email" name="email" required>
+            </div>
+            <div class="mb-3">
+                <label for="new_password" class="form-label">Password</label>
+                <input type="password" class="form-control" id="new_password" name="password" required>
+            </div>
+            <div class="mb-3">
+                <label for="division_id" class="form-label">Division</label>
+                <select name="division_id" id="division_id" required class="form-select">
+                    <option value="">Select Division</option>
+                    <?php foreach ($divisions as $division): ?>
+                    <option value="<?php echo $division['id']; ?>"><?php echo htmlspecialchars($division['name']); ?></option>
+                    <?php endforeach; ?>
+                </select>
+            </div>
+            <div class="mb-3">
+                <label for="department_id" class="form-label">Department</label>
+                <select name="department_id" id="department_id" required class="form-select">
+                    <option value="">Select Department</option>
+                </select>
+            </div>
+            <div class="mb-3">
+                <label for="role_id" class="form-label">Role</label>
+                <select name="role_id" id="role_id" required class="form-select">
+                    <option value="">Select Role</option>
+                </select>
+            </div>
+            <button type="submit" class="btn btn-primary">Create User</button>
+        </form>
+
+        <script>
+            document.getElementById('division_id').addEventListener('change', function() {
+                var divisionId = this.value;
+                var departmentSelect = document.getElementById('department_id');
+                var roleSelect = document.getElementById('role_id');
+                departmentSelect.innerHTML = '<option value="">Select Department</option>';
+                roleSelect.innerHTML = '<option value="">Select Role</option>';
+
+                if (divisionId) {
+                    fetch('api.php?action=get_departments&division_id=' + divisionId)
+                        .then(response => response.json())
+                        .then(data => {
+                            data.forEach(function(department) {
+                                var option = document.createElement('option');
+                                option.value = department.id;
+                                option.textContent = department.name;
+                                departmentSelect.appendChild(option);
+                            });
+                        });
+                }
+            });
+
+            document.getElementById('department_id').addEventListener('change', function() {
+                var departmentId = this.value;
+                var roleSelect = document.getElementById('role_id');
+                roleSelect.innerHTML = '<option value="">Select Role</option>';
+
+                if (departmentId) {
+                    fetch('api.php?action=get_roles&department_id=' + departmentId)
+                        .then(response => response.json())
+                        .then(data => {
+                            data.forEach(function(role) {
+                                var option = document.createElement('option');
+                                option.value = role.id;
+                                option.textContent = role.name;
+                                roleSelect.appendChild(option);
+                            });
+                        });
+                }
+            });
+        </script>
+
+
+        <br>
+        <a href="dashboard.php">Menu</a>
+    </div>
+</body>
+</html>
\ No newline at end of file
diff --git a/view_request.php b/view_request.php
new file mode 100644
index 0000000..9d1e496
--- /dev/null
+++ b/view_request.php
@@ -0,0 +1,167 @@
+<?php
+session_start();
+if (!isset($_SESSION['user_id'])) {
+    header('Location: login.php');
+    exit;
+}
+
+require_once 'db/config.php';
+
+if (!isset($_GET['id']) || empty($_GET['id'])) {
+    header('Location: request_dashboard.php');
+    exit;
+}
+
+$request_id = $_GET['id'];
+
+try {
+    $pdo = db();
+    $stmt = $pdo->prepare('SELECT * FROM ChangeRequests WHERE id = ?');
+    $stmt->execute([$request_id]);
+    $request = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if (!$request) {
+        die('Request not found.');
+    }
+} catch (PDOException $e) {
+    die("Database error: " . $e->getMessage());
+}
+
+function getStatusColor($status) {
+    switch ($status) {
+        case 'Draft': return 'grey';
+        case 'Pending Approval': return 'orange';
+        case 'Approved': return 'green';
+        case 'Rejected': return 'red';
+        case 'In Progress': return 'blue';
+        case 'Completed': return 'purple';
+        default: return 'black';
+    }
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>View Change Request</title>
+    <style>
+        body { font-family: Inter, system-ui, -apple-system, "Segoe UI", Roboto, "Helvetica Neue", Arial, sans-serif; background-color: #F7F9FC; color: #333; margin: 0; padding: 20px; }
+        .container { max-width: 800px; margin: 0 auto; background-color: #FFFFFF; border-radius: 8px; box-shadow: 0 2px 4px rgba(0,0,0,0.1); padding: 20px; }
+        h1 { color: #4A90E2; }
+        .request-details { margin-top: 20px; }
+        .request-details p { margin: 10px 0; }
+        .request-details strong { display: inline-block; width: 150px; }
+        .status { padding: 5px 10px; border-radius: 15px; color: white; font-weight: bold; }
+        .actions { margin-top: 30px; }
+        .actions form { display: inline-block; margin-right: 5px; }
+        .actions button {
+            padding: 10px 20px;
+            border: none;
+            border-radius: 4px;
+            cursor: pointer;
+            color: white;
+            font-weight: bold;
+        }
+        .actions button[value="approve"] { background-color: #50E3C2; }
+        .actions button[value="reject"] { background-color: #E35050; }
+        .rejection-reason { margin-top: 15px; }
+        .rejection-reason textarea { width: 100%; padding: 10px; border-radius: 4px; border: 1px solid #ddd; }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>Request Details</h1>
+        <div class="request-details">
+            <p><strong>Request No.:</strong> <?php echo htmlspecialchars($request['request_number'] ?? 'N/A'); ?></p>
+            <p><strong>Title:</strong> <?php echo htmlspecialchars($request['request_title']); ?></p>
+            <p><strong>Background & Purpose:</strong></p>
+            <div style="padding: 10px; border: 1px solid #eee; border-radius: 5px; background: #fafafa;">
+                <?php echo nl2br(htmlspecialchars($request['background_purpose'])); ?>
+            </div>
+
+            <p><strong>Implementation Details:</strong></p>
+            <div style="padding: 10px; border: 1px solid #eee; border-radius: 5px; background: #fafafa;">
+                <?php echo nl2br(htmlspecialchars($request['implementation_details'])); ?>
+            </div>
+            <p><strong>Requester:</strong> <?php echo htmlspecialchars($request['requester_name']); ?></p>
+            <p><strong>Department:</strong> <?php echo htmlspecialchars($request['department_name']); ?></p>
+            <p><strong>Issued Date:</strong> <?php echo htmlspecialchars($request['issued_date']); ?></p>
+            <p><strong>Status:</strong>
+                <span class="status" style="background-color: <?php echo getStatusColor($request['status']); ?>;">
+                    <?php echo htmlspecialchars(str_replace('_', ' ', $request['status'])); ?>
+                </span>
+            </p>
+            <p><strong>Pending Approval:</strong> <?php echo htmlspecialchars($request['approval_level_pending']); ?></p>
+            <?php if ($request['status'] === 'Rejected' && !empty($request['rejection_reason'])): ?>
+                <p><strong>Rejection Reason:</strong> <?php echo htmlspecialchars($request['rejection_reason']); ?></p>
+            <?php endif; ?>
+        </div>
+
+        <div class="actions">
+            <?php
+            $is_authorized = false;
+            if (isset($_SESSION['role'])) {
+                $user_role = $_SESSION['role'];
+                $user_department = $_SESSION['department'] ?? null;
+                $request_status = $request['status'];
+                $pending_level = $request['approval_level_pending'];
+                $request_department = $request['department_name'];
+
+                if ($request_status === 'Pending Approval' && $user_role === $pending_level) {
+                    if ($user_role === 'Admin' || $user_department === $request_department) {
+                        $is_authorized = true;
+                    }
+                }
+            }
+
+            if ($is_authorized): ?>
+                <form action="approve_request.php" method="POST" id="approvalForm">
+                    <input type="hidden" name="request_id" value="<?php echo $request['id']; ?>">
+                    <button type="submit" name="action" value="approve">Approve</button>
+                    <button type="button" id="rejectBtn" name="action" value="reject">Reject</button>
+
+                    <div class="rejection-reason" id="rejectionReasonContainer" style="display:none;">
+                        <label for="rejection_reason"><strong>Reason for Rejection:</strong></label>
+                        <textarea id="rejection_reason" name="rejection_reason" rows="4"></textarea>
+                        <button type="submit" id="submitRejectionBtn">Submit Rejection</button>
+                    </div>
+                </form>
+            <?php endif; ?>
+        </div>
+
+        <br>
+        <a href="request_dashboard.php">Back to Dashboard</a>
+    </div>
+
+    <script>
+        const rejectBtn = document.getElementById('rejectBtn');
+        const rejectionReasonContainer = document.getElementById('rejectionReasonContainer');
+        const approvalForm = document.getElementById('approvalForm');
+        const submitRejectionBtn = document.getElementById('submitRejectionBtn');
+        const rejectionReasonTextarea = document.getElementById('rejection_reason');
+
+        if (rejectBtn) {
+            rejectBtn.addEventListener('click', () => {
+                rejectionReasonContainer.style.display = rejectionReasonContainer.style.display === 'none' ? 'block' : 'none';
+            });
+        }
+
+        if (submitRejectionBtn) {
+            submitRejectionBtn.addEventListener('click', (e) => {
+                e.preventDefault();
+                if (rejectionReasonTextarea.value.trim() === '') {
+                    alert('Rejection reason is required.');
+                    return;
+                }
+                const actionInput = document.createElement('input');
+                actionInput.setAttribute('type', 'hidden');
+                actionInput.setAttribute('name', 'action');
+                actionInput.setAttribute('value', 'reject');
+                approvalForm.appendChild(actionInput);
+                approvalForm.submit();
+            });
+        }
+    </script>
+</body>
+</html>