diff --git a/db/setup.php b/db/setup.php
index c9a676e..3915ec0 100644
--- a/db/setup.php
+++ b/db/setup.php
@@ -18,6 +18,7 @@ try {
 // Cars Table
 $pdo->exec("CREATE TABLE IF NOT EXISTS cars (
 id INT AUTO_INCREMENT PRIMARY KEY,
+ owner_id INT NULL,
 title VARCHAR(255) NOT NULL,
 brand VARCHAR(100) NOT NULL,
 model VARCHAR(100) NOT NULL,
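Review bot: `CREATE TABLE IF NOT EXISTS` does not add `owner_id` to a `cars` table that already exists, so on any database created by the previous version of this script the new column is silently missing; the same applies to `approval_status`, `view_count`, `badge` and the `owner_id` foreign key in the next hunk, and the seed `INSERT` later in this file names `approval_status` and will then fail inside the `catch`. Either document the limitation above the statement, e.g. `// NOTE: IF NOT EXISTS does not alter an existing table; drop the cars table or add ALTER TABLE migrations before re-running`, or add an `ALTER TABLE cars ADD COLUMN ...` path guarded by a lookup in `information_schema.COLUMNS`. The enclosing `try` block starts outside the hunk.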
@@ -30,16 +31,44 @@ try {
 description TEXT,
 image_url VARCHAR(255),
 status ENUM('available', 'sold') DEFAULT 'available',
- created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+ approval_status ENUM('pending', 'approved', 'rejected') DEFAULT 'approved',
+ view_count INT DEFAULT 0,
+ badge VARCHAR(50) NULL,
+ created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE SET NULL
 ) ENGINE=InnoDB;");
 
- // Bookings Table
- $pdo->exec("CREATE TABLE IF NOT EXISTS bookings (
+ // Reviews Table
+ $pdo->exec("CREATE TABLE IF NOT EXISTS reviews (
 id INT AUTO_INCREMENT PRIMARY KEY,
 user_id INT NOT NULL,
 car_id INT NOT NULL,
- message TEXT,
- status ENUM('pending', 'confirmed', 'cancelled') DEFAULT 'pending',
+ rating INT NOT NULL CHECK (rating >= 1 AND rating <= 5),
+ comment TEXT,
+ created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
+ FOREIGN KEY (car_id) REFERENCES cars(id) ON DELETE CASCADE
+ ) ENGINE=InnoDB;");
+
+ // Notifications Table
+ $pdo->exec("CREATE TABLE IF NOT EXISTS notifications (
+ id INT AUTO_INCREMENT PRIMARY KEY,
+ user_id INT NULL,
+ message TEXT NOT NULL,
+ type VARCHAR(50) DEFAULT 'info',
+ is_read TINYINT(1) DEFAULT 0,
+ created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+ ) ENGINE=InnoDB;");
+
+ // Purchases Table
+ $pdo->exec("CREATE TABLE IF NOT EXISTS purchases (
+ id INT AUTO_INCREMENT PRIMARY KEY,
+ user_id INT NOT NULL,
+ car_id INT NOT NULL,
+ amount DECIMAL(12, 2) NOT NULL,
+ bank_name VARCHAR(100) NOT NULL,
+ transaction_id VARCHAR(100) NOT NULL,
+ status ENUM('pending', 'completed', 'failed') DEFAULT 'completed',
 created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
 FOREIGN KEY (user_id) REFERENCES users(id) ON DELETE CASCADE,
 FOREIGN KEY (car_id) REFERENCES cars(id) ON DELETE CASCADE
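Review bot: `purchases.status` defaults to `'completed'`, so any insert that omits the column records an unverified payment as completed; the safer definition is `status ENUM('pending', 'completed', 'failed') DEFAULT 'pending'`, with the application setting `completed` only once the payment has been confirmed. `transaction_id` is `NOT NULL` but not unique, so a resubmitted form or a replayed request creates duplicate purchase rows for the same bank transaction; adding `UNIQUE (bank_name, transaction_id)` turns that into a database error the caller can handle. MySQL releases before 8.0.16 parse but do not enforce the `CHECK (rating >= 1 AND rating <= 5)` on `reviews`, so the rating range still needs to be validated in PHP before the insert. `notifications.user_id` is the only user column in these new tables without a `FOREIGN KEY`, which looks like an omission rather than a choice.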
@@ -65,47 +94,31 @@ try { $pdo->prepare("INSERT INTO users (full_name, email, password, role) VALUES (?, ?, ?, ?)") ->execute(['Admin User', $adminEmail, $pass, 'admin']); echo "Admin user created (admin@gmail.com / 12345678)\n"; + } else { + // Update password just in case + $pass = password_hash('12345678', PASSWORD_DEFAULT); + $pdo->prepare("UPDATE users SET password = ? WHERE email = ?")->execute([$pass, $adminEmail]); + echo "Admin password verified/updated.\n"; } - // Insert 20 cars if empty + // Insert cars if empty $stmt = $pdo->query("SELECT COUNT(*) FROM cars"); - if ($stmt->fetchColumn() < 20) { - $pdo->exec("SET FOREIGN_KEY_CHECKS = 0"); - $pdo->exec("TRUNCATE TABLE cars"); - $pdo->exec("TRUNCATE TABLE bookings"); - $pdo->exec("TRUNCATE TABLE favorites"); - $pdo->exec("SET FOREIGN_KEY_CHECKS = 1"); - + if ($stmt->fetchColumn() == 0) { $sampleCars = [ ['Toyota Corolla 2022', 'Toyota', 'Corolla', 2022, 18500, 'Kabul', 'Petrol', 'Automatic', 12000, 'Like new condition, full options.', 'https://images.pexels.com/photos/3311574/pexels-photo-3311574.jpeg?auto=compress&cs=tinysrgb&w=800'], ['Lexus LX570 2018', 'Lexus', 'LX570', 2018, 75000, 'Herat', 'Petrol', 'Automatic', 45000, 'Powerful SUV, VIP interior.', 'https://images.pexels.com/photos/170811/pexels-photo-170811.jpeg?auto=compress&cs=tinysrgb&w=800'], ['Mercedes-Benz C300', 'Mercedes-Benz', 'C300', 2020, 32000, 'Mazar-i-Sharif', 'Petrol', 'Automatic', 25000, 'Excellent fuel efficiency and comfort.', 'https://images.pexels.com/photos/120049/pexels-photo-120049.jpeg?auto=compress&cs=tinysrgb&w=800'], ['Toyota Land Cruiser Prado', 'Toyota', 'Prado', 2019, 55000, 'Kabul', 'Diesel', 'Automatic', 30000, 'Perfect for off-road and city driving.', 'https://images.pexels.com/photos/112460/pexels-photo-112460.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Hyundai Elantra', 'Hyundai', 'Elantra', 2021, 21000, 'Kabul', 'Petrol', 'Automatic', 15000, 'Modern design and great fuel economy.', 
'https://images.pexels.com/photos/3752162/pexels-photo-3752162.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Kia Sportage', 'Kia', 'Sportage', 2022, 28000, 'Herat', 'Petrol', 'Automatic', 8000, 'Latest model, panoramic sunroof.', 'https://images.pexels.com/photos/358070/pexels-photo-358070.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Toyota Hilux', 'Toyota', 'Hilux', 2020, 35000, 'Kandahar', 'Diesel', 'Manual', 40000, 'Reliable workhorse, 4x4.', 'https://images.pexels.com/photos/1035108/pexels-photo-1035108.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Honda Civic', 'Honda', 'Civic', 2017, 15000, 'Mazar-i-Sharif', 'Petrol', 'Automatic', 60000, 'Sporty look, well maintained.', 'https://images.pexels.com/photos/1149137/pexels-photo-1149137.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Lexus RX350', 'Lexus', 'RX350', 2016, 28000, 'Kabul', 'Petrol', 'Automatic', 75000, 'Luxury SUV, smooth ride.', 'https://images.pexels.com/photos/116675/pexels-photo-116675.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Nissan Patrol', 'Nissan', 'Patrol', 2015, 42000, 'Jalalabad', 'Petrol', 'Automatic', 90000, 'Desert king, powerful V8 engine.', 'https://images.pexels.com/photos/1637859/pexels-photo-1637859.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Toyota Camry 2023', 'Toyota', 'Camry', 2023, 31000, 'Kabul', 'Hybrid', 'Automatic', 5000, 'Eco-friendly and premium comfort.', 'https://images.pexels.com/photos/210019/pexels-photo-210019.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['BMW X5', 'BMW', 'X5', 2018, 45000, 'Kabul', 'Petrol', 'Automatic', 55000, 'High performance and luxury features.', 'https://images.pexels.com/photos/1007410/pexels-photo-1007410.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Ford Mustang', 'Ford', 'Mustang', 2019, 38000, 'Herat', 'Petrol', 'Automatic', 20000, 'Iconic muscle car, head-turner.', 'https://images.pexels.com/photos/337909/pexels-photo-337909.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Volkswagen Golf', 'Volkswagen', 'Golf', 2017, 14000, 'Mazar-i-Sharif', 'Diesel', 
'Manual', 85000, 'Compact and efficient daily driver.', 'https://images.pexels.com/photos/1149831/pexels-photo-1149831.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Toyota RAV4', 'Toyota', 'RAV4', 2021, 29000, 'Kabul', 'Hybrid', 'Automatic', 12000, 'Smart SUV for modern lifestyle.', 'https://images.pexels.com/photos/3156482/pexels-photo-3156482.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Mercedes-Benz G-Class', 'Mercedes-Benz', 'G-Wagon', 2020, 180000, 'Kabul', 'Petrol', 'Automatic', 15000, 'Luxury status symbol, armored glass.', 'https://images.pexels.com/photos/100656/pexels-photo-100656.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Hyundai Tucson', 'Hyundai', 'Tucson', 2022, 27500, 'Herat', 'Petrol', 'Automatic', 10000, 'Modern tech and spacious interior.', 'https://images.pexels.com/photos/3972755/pexels-photo-3972755.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Kia Sorento', 'Kia', 'Sorento', 2021, 32000, 'Kabul', 'Diesel', 'Automatic', 18000, '7-seater family SUV, great for long trips.', 'https://images.pexels.com/photos/1149137/pexels-photo-1149137.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Honda Accord', 'Honda', 'Accord', 2018, 19500, 'Mazar-i-Sharif', 'Petrol', 'Automatic', 45000, 'Reliable sedan with premium feel.', 'https://images.pexels.com/photos/3802510/pexels-photo-3802510.jpeg?auto=compress&cs=tinysrgb&w=800'], - ['Toyota 4Runner', 'Toyota', '4Runner', 2017, 34000, 'Kabul', 'Petrol', 'Automatic', 70000, 'Legendary reliability, off-road ready.', 'https://images.pexels.com/photos/1592384/pexels-photo-1592384.jpeg?auto=compress&cs=tinysrgb&w=800'] + ['Hyundai Elantra', 'Hyundai', 'Elantra', 2021, 21000, 'Kabul', 'Petrol', 'Automatic', 15000, 'Modern design and great fuel economy.', 'https://images.pexels.com/photos/3752162/pexels-photo-3752162.jpeg?auto=compress&cs=tinysrgb&w=800'] ]; - $insert = $pdo->prepare("INSERT INTO cars (title, brand, model, year, price, location, fuel_type, transmission, mileage, description, image_url) VALUES (?, ?, ?, ?, ?, ?, 
?, ?, ?, ?, ?)");
+ $insert = $pdo->prepare("INSERT INTO cars (title, brand, model, year, price, location, fuel_type, transmission, mileage, description, image_url, approval_status) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, 'approved')");
 foreach ($sampleCars as $car) {
 $insert->execute($car);
 }
- echo "Database populated with 20 cars.\n";
+ echo "Database populated with cars.\n";
 }
 } catch (PDOException $e) {
 die("Database Error: " . $e->getMessage());
-}
+}
\ No newline at end of file
diff --git a/login.php b/login.php
index 7cca81e..4ce9603 100644
--- a/login.php
+++ b/login.php
@@ -4,8 +4,8 @@ include 'includes/header.php';
 $error = '';
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
- $email = $_POST['email'] ?? '';
- $password = $_POST['password'] ?? '';
+ $email = trim($_POST['email'] ?? '');
+ $password = trim($_POST['password'] ?? '');
 if ($email && $password) {
 $pdo = db();
@@ -17,7 +17,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
 $_SESSION['user_id'] = $user['id'];
 $_SESSION['full_name'] = $user['full_name'];
 $_SESSION['role'] = $user['role'];
- header('Location: index.php');
+
+ if ($user['role'] === 'admin') {
+ header('Location: admin/dashboard.php');
+ } else {
+ header('Location: user/dashboard.php');
+ }
 exit;
 } else {
 $error = "Invalid email or password.";
@@ -34,7 +39,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
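Review bot: The new `else` branch resets the admin password to the literal `12345678` every time `setup.php` runs, so an administrator who changed the password has it silently reverted to a value that is hard-coded in the repository, and the existing `echo` in the creation branch still prints that credential to output. Set the password only when the account is created and take the initial value from configuration rather than a literal; the `else` body can become `echo "Admin user already exists; password left unchanged.\n";` with the `UPDATE` removed. Separately, `if ($stmt->fetchColumn() == 0)` compares a string column value with `==`; `if ((int) $stmt->fetchColumn() === 0)` makes the intent explicit. The enclosing `try` block starts outside the hunk.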
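Review bot: Applying `trim()` to the password in `$password = trim($_POST['password'] ?? '');` changes which passwords verify: a password stored at registration with leading or trailing whitespace no longer matches unless the registration path trims identically, which this diff does not show. Trimming the e-mail is fine; for the password keep the raw value, `$password = $_POST['password'] ?? '';`, and let `password_verify` see exactly what the user typed. The `if ($email && $password)` check on the following context line also rejects the password `'0'` because it tests truthiness; `if ($email !== '' && $password !== '')` is the precise form.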
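Review bot: Nothing in the post-login path this hunk rewrites regenerates the session id before `$_SESSION['user_id']`, `full_name` and `role` are set, so a session id that existed before authentication is carried into the authenticated session (session fixation). Unless it is done elsewhere outside the hunk, add `session_regenerate_id(true);` immediately before the `$_SESSION['user_id'] = $user['id'];` line. The role-based redirect itself reads fine; the surrounding `if` block starts and ends outside the hunk.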
Login to manage your bookings and favorites
+Login to manage your listings and account