diff --git a/header.php b/header.php
index 856d55e..67023ae 100644
--- a/header.php
+++ b/header.php
@@ -1,588 +1,593 @@
-<div id="header">
-	<div>
-	<h1><img src="Resources/designimages/logo.png" width="350" height="90"></h1>
-	</div>
-	</div>
-	<div class="navigationbar">
-	<ul>
-	<li><a href="Home.php">Home</a></li>
-	<li><a href="pnb.php">Products</a></li>
-	<li><a href="promotions.php">Promotions</a></li>
-	<li><a href="aboutus.php">About Us</a></li>
-	<li><a href="contactus.php">Contact Us</a></li>
-	<li><a href="cart.php">Cart</a></li>
-	<li><a href="myprofile.php">My Profile</a></li>
-	</ul>
-    </div>
-    
-    <?php
-require ('db.php');
-session_start();
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-////////////////////////////////////Login page related .php////////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-/////////////////////////////Variables to store data/////////////////////////////
-$MESSAGE_LOGIN = '';
-$PRODUCT_ID    = '';
-/////////////////////////////Login/////////////////////////////
-if (isset($_POST['login'])) {
-		if (!isset($_POST['username']) || !isset($_POST['password'])) {
-				$MESSAGE_LOGIN = "Username or Password Empty";
-		} //!isset($_POST['username']) || !isset($_POST['password'])
-		else {
-				$USER                   = $_POST['username'];
-				$USERNAME               = mysqli_real_escape_string($con, $USER);
-				$PASS                   = $_POST['password'];
-				$PASSWORD               = mysqli_real_escape_string($con, $PASS);
-				$l_select_user          = "SELECT Username,Password FROM tblusers WHERE Username ='$USER' AND Password = '".md5($PASS)."' LIMIT 1";
-				$results_l_select_user  = mysqli_query($con, $l_select_user);
-				$l_select_admin         = "SELECT Username,Password FROM tbladmins WHERE Username='$USER' AND Password = '".md5($PASS)."' LIMIT 1";
-				$results_l_select_admin = mysqli_query($con, $l_select_admin);
-				if (mysqli_num_rows($results_l_select_user) > 0) {
-						$_SESSION['username']        = $USERNAME;
-						$l_insert_to_log_user        = "INSERT into `tbluserlog` (Username,LoginTime,Logout,Status) VALUES ('$USER','0',date('Y-m-d H:i:s'),'1')";
-						$result_l_insert_to_log_user = mysqli_query($con, $l_insert_to_log_user);
-						if (!isset($_SESSION['selectedproduct'])) {
-								header('location: myprofile.php');
-						} //!isset($_SESSION['selectedproduct'])
-						else {
-								$PRODUCT_ID              = $_SESSION['selectedproduct'];
-								$PRODUCT_QUANTITY        = $_SESSION['selectedquantity'];
-								$l_insert_to_cart        = "INSERT into `tblcart` (ProductID,Username,Quantity) VALUES (" . $PRODUCT_ID . ",'$USER'," . $PRODUCT_QUANTITY . ")";
-								$result_l_insert_to_cart = mysqli_query($con, $l_insert_to_cart);
-								header('location: cart.php');
-						}
-				} //mysqli_num_rows($results_l_select_user) > 0
-				else if (mysqli_num_rows($results_l_select_admin) > 0) {
-						$_SESSION['username']         = $USERNAME;
-						$l_insert_to_log_admin        = "INSERT into `tbluserlog` (Username,LoginTime,Logout,Status) VALUES ('$USER','0',date('Y-m-d H:i:s'),'1')";
-						$result_l_insert_to_log_admin = mysqli_query($con, $l_insert_to_log_admin);
-						header('location: admin/manageorders.php');
-				} //mysqli_num_rows($results_l_select_admin) > 0
-				else {
-						$MESSAGE_LOGIN = "Username or Password is Invalid";
-				}
-		}
-} //isset($_POST['login'])
-/////////////////////////////Continue as a guest/////////////////////////////
-if (isset($_POST['continueguest'])) {
-		$PRODUCT_ID                        = $_SESSION['selectedproduct'];
-		$PRODUCT_QUANTITY                  = $_SESSION['selectedquantity'];
-		$_SESSION['totalproducts']         = $PRODUCT_QUANTITY;
-		$generate_delivery_id_guest        = mysqli_query($con, "SELECT delivery_id FROM (SELECT FLOOR(RAND() * 99999) AS delivery_id  UNION SELECT FLOOR(RAND() * 99999) AS random_num) AS numbers_mst_plus_1 WHERE `delivery_id` NOT IN (SELECT DeliveryID FROM tblorder) LIMIT 1");
-		$result_generate_delivery_id_guest = mysqli_fetch_assoc($generate_delivery_id_guest);
-		$DELIVERY_ID_GUEST                 = $result_generate_delivery_id_guest['delivery_id'];
-		$_SESSION['deliveryid']            = $DELIVERY_ID_GUEST;
-		$l_select_total_price              = "SELECT ProductPrice FROM `tblproducts` WHERE ProductID='" . $PRODUCT_ID . "' ";
-		$result_l_select_total_price       = mysqli_query($con, $l_select_total_price);
-		$total_price                       = mysqli_fetch_assoc($result_l_select_total_price);
-		$PRICE                             = $total_price['ProductPrice'];
-		$TOTAL_PRICE                       = $PRICE * $PRODUCT_QUANTITY;
-		$_SESSION['totalprice']            = $TOTAL_PRICE;
-		$l_insert_order                    = "INSERT into `tblorder` (ProductID,Quantity,Username,DeliveryID) VALUES (" . $PRODUCT_ID . "," . $PRODUCT_QUANTITY . ",'Guest'," . $DELIVERY_ID_GUEST . ")";
-		$result_l_insert_ordert            = mysqli_query($con, $l_insert_order);
-		header("Location: checkout.php");
-} //isset($_POST['continueguest'])
-?>
-
-<?php
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-////////////////////////////////////Register page related .php////////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-require('db.php');
-/////////////////////////////Variables to store data/////////////////////////////
-$MESSAGE_REGISTER = '';
-/////////////////////////////Regster/////////////////////////////
-if (isset($_POST["register"])) {
-		$USERNAME           = $_POST['username'];
-		$USERNAME           = mysqli_real_escape_string($con, $USERNAME);
-		$FIRST_NAME         = stripslashes($_POST['firstname']);
-		$FIRST_NAME         = mysqli_real_escape_string($con, $FIRST_NAME);
-		$LAST_NAME          = stripslashes($_POST['lastname']);
-		$LAST_NAME          = mysqli_real_escape_string($con, $LAST_NAME);
-		$E_MAIL             = stripslashes($_POST['email']);
-		$E_MAIL             = mysqli_real_escape_string($con, $E_MAIL);
-		$PHONE_NUMBER       = stripslashes($_POST['phonenumber']);
-		$PHONE_NUMBER       = mysqli_real_escape_string($con, $PHONE_NUMBER);
-		$PASSWORD           = stripslashes($_POST['password']);
-		$PASSWORD           = mysqli_real_escape_string($con, $PASSWORD);
-		$RE_TYPE_PASSWORD   = stripslashes($_POST['retypepassword']);
-		$RE_TYPE_PASSWORD   = mysqli_real_escape_string($con, $RE_TYPE_PASSWORD);
-		$SECURITY_QUESTION  = stripslashes($_POST['securityquestion']);
-		$SECURITY_QUESTION  = mysqli_real_escape_string($con, $SECURITY_QUESTION);
-		$SECURITY_ANSWER    = stripslashes($_POST['securityanswer']);
-		$SECURITY_ANSWER    = mysqli_real_escape_string($con, $SECURITY_ANSWER);
-		$select_user        = "SELECT * FROM tblusers WHERE Username='$USERNAME' OR EmailAddress='$E_MAIL' LIMIT 1";
-		$result_select_user = mysqli_query($con, $select_user);
-		$USER               = mysqli_fetch_assoc($result_select_user);
-		// if user exists
-		if ($USER) {
-				if ($USER['Username'] = $USERNAME) {
-						$MESSAGE_REGISTER = "OOPS! Username Is Already Taken!";
-				} //$USER['Username'] = $USERNAME
-				if ($USER['EmailAddress'] = $E_MAIL) {
-						$MESSAGE_REGISTER = "OOPS! Email Is Already Taken";
-				} //$USER['EmailAddress'] = $E_MAIL
-		} //$USER
-		// if fields are filled
-		else if (!isset($USERNAME) || !isset($FIRST_NAME) || !isset($LAST_NAME) || !isset($E_MAIL) || !isset($PHONE_NUMBER) || !isset($PASSWORD) || !isset($RE_TYPE_PASSWORD)) {
-				$MESSAGE_REGISTER = "OOPS! Fill Mandatory Fields!";
-		} //!isset($USERNAME) || !isset($FIRST_NAME) || !isset($LAST_NAME) || !isset($E_MAIL) || !isset($PHONE_NUMBER) || !isset($PASSWORD) || !isset($RE_TYPE_PASSWORD)
-		// if password matches
-		else if ($PASSWORD != $RE_TYPE_PASSWORD) {
-				$MESSAGE_REGISTER = "Password doesnt match!";
-		} //$PASSWORD != $RE_TYPE_PASSWORD
-		else if (strlen($PASSWORD) < '8') {
-        $MESSAGE_REGISTER= "Password Must Contain At Least 8 Characters!";
-    	}
-		else if (!filter_var($E_MAIL, FILTER_VALIDATE_EMAIL)) {
-  $MESSAGE_REGISTER = "Invalid Email";
-		}
-		
-		// enter user to database
-		else {
-				$insert_user        = "INSERT INTO `tblusers`(`Username`, `FirstName`, `LastName`, `EmailAddress`, `PhoneNumber`, `Password`, `SecurityQuestion`, `SecurityAnswer`) VALUES ('$USERNAME','$FIRST_NAME','$LAST_NAME','$E_MAIL','$PHONE_NUMBER','" . md5($PASSWORD) . "','$SECURITY_QUESTION','$SECURITY_ANSWER')";
-				$result_insert_user = mysqli_query($con, $insert_user);
-				if ($result_insert_user) {
-						$MESSAGE_REGISTER = "successful";
-				} //$result_insert_user
-				else {
-						$MESSAGE_REGISTER = "Registration unsuccessful!";
-				}
-		}
-		mysqli_close($con); // Closing connection
-} //isset($_POST["register"])
-?>
-
-<?php
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-////////////////////////////////////View Products page related .php////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-require('db.php');
-///////////////////////Add products to cart///////////////////////
-$MESSAGE_REVIEW = '';
-if (isset($_POST['addtocart'])) {
-		if (!isset($_SESSION['username'])) {
-				$_SESSION['selectedproduct']  = $_POST['productid'];
-				$_SESSION['selectedquantity'] = $_POST['quantity'];
-				$_SESSION['crumbs']           = "1";
-				header("location: login.php");
-		} //!isset($_SESSION['username'])
-		else {
-				$PRODUCT_ID              = $_POST['productid'];
-				$PRODUCT_QUANTITY        = $_POST['quantity'];
-				$USERNAME                = $_SESSION['username'];
-				$v_insert_to_cart        = "INSERT into`tblcart` (ProductID, Username, Quantity) VALUES ('" . $PRODUCT_ID . "','" . $USERNAME . "','" . $PRODUCT_QUANTITY . "')";
-				$result_v_insert_to_cart = mysqli_query($con, $v_insert_to_cart);
-				header('location: cart.php');
-		}
-} //isset($_POST['addtocart'])
-///////////////////////Add a review///////////////////////
-if (isset($_POST['addreview'])) {
-		if (!isset($_POST['productid']) || !isset($_POST['review'])) {
-				$MESSAGE_REVIEW = "Unable to Place Review!";
-		} //!isset($_POST['productid']) || !isset($_POST['rating']) || !isset($_POST['review'])
-		else {
-				$PRODUCT_ID           = $_POST['productid'];
-				$USERNAME             = $_SESSION['username'];
-				$PRODUCT_REVIEW       = $_POST['review'];
-				$insert_review        = "INSERT INTO `tblproductreviews`(`ProductID`, `Username`, `Review`) VALUES ('" . $PRODUCT_ID . "','" . $USERNAME . "','" . $PRODUCT_REVIEW . "')";
-				$result_insert_review = mysqli_query($con, $insert_review);
-				if ($result_insert_review) {
-						$MESSAGE_REVIEW = "Thank you for your review!";
-						header('location: #.php');
-				} //$result_insert_review
-				else {
-						$MESSAGE_REVIEW = "Unable to Place Review!";
-						header('location: #.php');
-				}
-		}
-} //isset($_POST['addreview'])
-?>
-
-
-<?php
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-////////////////////////////////////Products page related .php/////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-require('db.php');
-/////////////////////////////Strings to Store Variables/////////////////////////////
-$CATEGORY               = '';
-$CATEGORY_ID            = '';
-$MESSAGE                = '';
-$SORT_TYPE              = 'ASC';
-$SORT_COLUMN            = 'ProductPrice';
-$_SESSION['bikeselected']='';
-$BIKE_TYPE              = $_SESSION['bikeselected'];
-/////////////////////////////Select Categories/////////////////////////////
-$select_category        = "SELECT * FROM `tblcategory`";
-$result_select_category = mysqli_query($con, $select_category);
-/////////////////////////////Query Product Bike Type to Display/////////////////////////////
-$select_productbiketype = "SELECT DISTINCT ProductBikeType FROM `tblproducts`";
-$result_productbiketype = mysqli_query($con, $select_productbiketype);
-/////////////////////////////Select or Change Product Bike Type /////////////////////////////
-if (isset($_POST['productbiketype'])) {
-		$SELECT_BIKE              = $_POST['selectproductbiketype'];
-		$EXPLODED_VALUE2          = explode(",", $SELECT_BIKE);
-		$_SESSION['bikeselected'] = $EXPLODED_VALUE2[0];
-		$BIKE_TYPE                = $_SESSION['bikeselected'];
-} //isset($_POST['productbiketype'])
-if (isset($_POST['productbiketypechange'])) {
-		$_SESSION['bikeselected'] = '';
-		$BIKE_TYPE                = $_SESSION['bikeselected'];
-} //isset($_POST['productbiketypechange'])
-/////////////////////////////Identify type of sorting selected/////////////////////////////
-if (isset($_POST['sort'])) {
-		$SORT           = $_POST['sort'];
-		$EXPLODED_VALUE = explode(",", $SORT);
-		$SORT_TYPE      = $EXPLODED_VALUE[0];
-		$SORT_COLUMN    = $EXPLODED_VALUE[1];
-} //isset($_POST['sort'])
-/////////////////////////////Filter products based on category/////////////////////////////
-if (isset($_POST['categoryvalues'])) {
-		$CATEGORY_VALUES   = $_POST['categoryvalues'];
-		$CATEGORY_SELECTED = implode(",", $CATEGORY_VALUES);
-		$BIKE_TYPE                = $_SESSION['bikeselected'];
-		if ($BIKE_TYPE == "") {
-				$select_specific_products = "SELECT tblproducts.ProductID, tblproducts.ProductName, tblproducts.ProductPrice, tblproducts.ProductImage, tblproducts.ProductBikeType, tblproducts.ProductDiscountAmount, tblcategory.CategoryName FROM `tblproducts` INNER JOIN tblcategory ON tblproducts.CategoryID=tblcategory.CategoryID WHERE tblcategory.CategoryName = '" . $CATEGORY_SELECTED . "' ORDER BY " . $SORT_COLUMN . " " . $SORT_TYPE . "";
-				$result_products          = mysqli_query($con, $select_specific_products);
-				$CATEGORY                 = $CATEGORY_SELECTED;
-		} //$BIKE_TYPE == ''
-		else {
-				$select_specific_products2 = "SELECT tblproducts.ProductID, tblproducts.ProductName, tblproducts.ProductPrice, tblproducts.ProductImage, tblproducts.ProductBikeType, tblproducts.ProductDiscountAmount, tblcategory.CategoryName FROM `tblproducts` INNER JOIN tblcategory ON tblproducts.CategoryID=tblcategory.CategoryID WHERE tblproducts.ProductBikeType = '" . $BIKE_TYPE . "' AND tblcategory.CategoryName = '" . $CATEGORY_SELECTED . "' ORDER BY " . $SORT_COLUMN . " " . $SORT_TYPE . "";
-				$result_products           = mysqli_query($con, $select_specific_products2);
-				$CATEGORY                  = $CATEGORY_SELECTED;
-		}
-} //isset($_POST['categoryvalues'])
-/////////////////////////////Select All products/////////////////////////////
-else {
-		if ($BIKE_TYPE == '') {
-				$select_all_product1 = "SELECT * FROM `tblproducts`";
-				$result_products     = mysqli_query($con, $select_all_product1);
-				$MESSAGE             = "All Available Products!";
-		} //$BIKE_TYPE == ''
-		else {
-				$select_all_product2 = "SELECT * FROM `tblproducts` WHERE ProductBikeType = '" . $BIKE_TYPE . "'";
-				$result_products     = mysqli_query($con, $select_all_product2);
-				$MESSAGE             = "All Available Products of the Selected Bike!";
-		}
-}
-/////////////////////////////Search Products////////////////////////////
-if (isset($_POST['search'])) {
-	$BIKE_TYPE                = $_SESSION['bikeselected'];
-		$SEARCHED_VALUE = $_POST['searchproduct'];
-		if ($BIKE_TYPE == '') {
-				$search_products   = "SELECT * FROM `tblproducts` WHERE CONCAT(`ProductName`) LIKE '%" . $SEARCHED_VALUE . "%'";
-				$result_products   = mysqli_query($con, $search_products);
-				$ROWS              = mysqli_num_rows($result_products);
-				$MESSAGE           = "We have found ('" . $ROWS . "') that matches:'" . $SEARCHED_VALUE . "' for the Selected Bike ";
-				$CATEGORY_SELECTED = '5';
-		} //$BIKE_TYPE == ''
-		else {
-				$search_products2  = "SELECT * FROM `tblproducts` WHERE ProductBikeType = '" . $BIKE_TYPE . "' AND CONCAT(`ProductName`) LIKE '%" . $SEARCHED_VALUE . "%'";
-				$result_products   = mysqli_query($con, $search_products2);
-				$ROWS              = mysqli_num_rows($result_products);
-				$MESSAGE           = "We have found ('" . $ROWS . "') that matches:'" . $SEARCHED_VALUE . "' ";
-				$CATEGORY_SELECTED = '5';
-		}
-} //isset($_POST['search'])
-?>
-
-<?php
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-////////////////////////////////////Cart page related .php/////////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-require('db.php');
-/////////////////////////////Update products in cart/////////////////////////////
-if (isset($_POST['updateitem'])) {
-		foreach ($_POST['selectedvalues'] as $idx => $selectionid) {
-				$update_cart        = "UPDATE tblcart SET Quantity='" . $_POST['quantity'][$idx] . "' WHERE SelectionID='" . $selectionid . "'";
-				$result_update_cart = mysqli_query($con, $update_cart);
-		} //$_POST['selectedvalues'] as $idx => $selectionid
-		header("Location: cart.php");
-} //isset($_POST['updateitem'])
-/////////////////////////////checkout products from cart/////////////////////////////
-if (isset($_POST['checkout'])) {
-		$generate_delivery_id        = mysqli_query($con, "SELECT delivery_id FROM (SELECT FLOOR(RAND() * 99999) AS delivery_id  UNION SELECT FLOOR(RAND() * 99999) AS random_num) AS numbers_mst_plus_1 WHERE `delivery_id` NOT IN (SELECT DeliveryID FROM tblorder) LIMIT 1");
-		$result_generate_delivery_id = mysqli_fetch_assoc($generate_delivery_id);
-		$DELIVERY_ID                 = $result_generate_delivery_id['delivery_id'];
-		$USER                        = $_SESSION['username'];
-		$insert_order                = "INSERT INTO tblorder (`ProductID`, `Quantity`, `Username`, `DeliveryID`) SELECT `ProductID`, `Quantity`, `Username`, '" . $DELIVERY_ID . "' FROM tblcart WHERE `Username` = '" . $USER . "' ";
-		$_SESSION['deliveryid']      = $DELIVERY_ID;
-		$result_insert_order         = mysqli_query($con, $insert_order);
-		header("Location: checkout.php");
-} //isset($_POST['checkout'])
-/////////////////////////////Removal of products from cart/////////////////////////////
-if (isset($_POST["removeitem"])) {
-		$IMPLODE_VALUES           = $_POST['checkedvalues'];
-		$CHECKED_VALUES_REMOVE    = implode(",", $IMPLODE_VALUES);
-		$remove_cart_items        = "DELETE FROM `tblcart` WHERE SelectionID in ($CHECKED_VALUES_REMOVE)";
-		$result_remove_cart_items = mysqli_query($con, $remove_cart_items);
-		header("Location: cart.php");
-} //isset($_POST["removeitem"])
-
-if (isset($_POST["continueshopping"])) {
-		header("Location: pnb.php");
-} //isset($_POST["continueshopping"])
-
-?>
-
-
-<?php
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-////////////////////////////////////Checkout page related .php/////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-require('db.php');
-if (isset($_POST['placeorder'])) {
-		if (!isset($_SESSION['username'])) {
-				$DELIVERY_ID         = $_SESSION['deliveryid'];
-				$RECIPIENT_NAME      = $_POST['recipientname'];
-				$RECIPIENT_PHONE     = $_POST['recipientphone'];
-				$DELIVERY_ADDRESS    = $_POST['deliveryaddress'];
-				$DELIVERY_CITY       = $_POST['deliverycity'];
-				$LOCATION_TYPE       = $_POST['locationtype'];
-				$SHIPPING_CHARGE     = $_POST['shippingtype'];
-				$TOTAL_PRICE         = $_SESSION['totalprice'];
-				$USERNAME            = 'Guest';
-				$place_order1        = "INSERT into `tbldelivery` (`DeliveryID`,`RecipientName`,`RecipientPhone`,`DeliveryAddress`,`DeliveryCity`,`LocationType`,`ShippingCharge`,`Username`,`TotalPrice`) VALUES ('" . $DELIVERY_ID . "','" . $RECIPIENT_NAME . "','" . $RECIPIENT_PHONE . "','" . $DELIVERY_ADDRESS . "','" . $DELIVERY_CITY . "','" . $LOCATION_TYPE . "','" . $SHIPPING_CHARGE . "','" . $USERNAME . "','" . $TOTAL_PRICE . "')";
-				$result_place_order1 = mysqli_query($con, $place_order1);
-		} //!isset($_SESSION['username'])
-		else {
-				$DELIVERY_ID         = $_SESSION['deliveryid'];
-				$RECIPIENT_NAME      = $_POST['recipientname'];
-				$RECIPIENT_PHONE     = $_POST['recipientphone'];
-				$DELIVERY_ADDRESS    = $_POST['deliveryaddress'];
-				$DELIVERY_CITY       = $_POST['deliverycity'];
-				$LOCATION_TYPE       = $_POST['locationtype'];
-				$SHIPPING_CHARGE     = $_POST['shippingtype'];
-				$TOTAL_PRICE         = $_SESSION['totalprice'];
-				$USERNAME            = $_SESSION['username'];
-				$place_order2        = "INSERT into `tbldelivery` (`DeliveryID`,`RecipientName`,`RecipientPhone`,`DeliveryAddress`,`DeliveryCity`,`LocationType`,`ShippingCharge`,`Username`,`TotalPrice`) VALUES ('" . $DELIVERY_ID . "','" . $RECIPIENT_NAME . "','" . $RECIPIENT_PHONE . "','" . $DELIVERY_ADDRESS . "','" . $DELIVERY_CITY . "','" . $LOCATION_TYPE . "','" . $SHIPPING_CHARGE . "','" . $USERNAME . "','" . $TOTAL_PRICE . "')";
-				$result_place_order2 = mysqli_query($con, $place_order2);
-		}
-		if ($result_place_order2 || $result_place_order1) {
-				$remove_cart        = "DELETE FROM `tblcart` WHERE Username = '" . $USERNAME . "'";
-				$result_remove_cart = mysqli_query($con, $remove_cart);
-				if ($result_place_order2 || $result_place_order1 || $remove_cart) {
-						$ORDER_STATUS                 = "Pending";
-						$ORDER_REMARK                 = "Orders Has Been Received And Is Currently Being Processed";
-						$insert_to_track_order        = "INSERT INTO tblordertrack (`OrderID`,`DeliveryID`,`Status`,`Remark`) SELECT `OrderID`,'" . $DELIVERY_ID . "','" . $ORDER_STATUS . "','" . $ORDER_REMARK . "'  FROM tblorder WHERE `DeliveryID` = '" . $DELIVERY_ID . "' ";
-						$result_insert_to_track_order = mysqli_query($con, $insert_to_track_order);
-						header("Location: ordersuccessful.php");
-				} //$result_place_order2 || $result_place_order1 || $remove_cart
-				else {
-						header("Location: cart.php");
-				}
-		} //$result_place_order2 || $result_place_order1
-		else {
-				die("Couldnt Place Order! Contact Us!");
-		}
-} //isset($_POST['placeorder'])
-?>
-
-<?php
-
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-////////////////////////////////////My Profile page related .php////////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-require('db.php');
-/////////////////////////////Variables to store data/////////////////////////////
-$MESSAGE_MYPROFILE = '';
-/////////////////////////////Update Username/////////////////////////////
-
-if (isset($_POST["updatename"])) {
-		$USERNAME           = $_SESSION['username'];
-		$FIRST_TNAME       = $_POST['firstname'];
-		$FIRST_TNAME       = mysqli_real_escape_string($con, $FIRST_TNAME);
-		$LAST_NAME       = $_POST['lastname'];
-		$LAST_NAME       = mysqli_real_escape_string($con, $LAST_NAME);
-		$PASSWORD       = $_POST['password'];
-		$PASSWORD       = mysqli_real_escape_string($con, $PASSWORD);
-		
-		
-		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' LIMIT 1");
-		$result_select_user = mysqli_fetch_assoc($select_user);
-		$PASS              = $result_select_user['Password'] ;
-		
-		// if user exists
-		if ($result_select_user) {
-				 if ($PASS != md5($PASSWORD)) {
-						$MESSAGE_MYPROFILE = "Wrong Password!";
-				} 
-	
-				else {
-				$update_username = "UPDATE `tblusers` SET `FirstName`='".$FIRST_TNAME."',`LastName`='".$LAST_NAME."' WHERE `Username`='".$USERNAME."'";
-				$result_update_username = mysqli_query($con, $update_username);
-				if ($result_update_username) {
-						$MESSAGE_MYPROFILE = "Successfully Updated";
-				} 
-				else {	
-						$MESSAGE_MYPROFILE = " Please contact Us!";
-				}
-
-}		}
-} 
-/////////////////////////////Update password/////////////////////////////
-if (isset($_POST["updatepassword"])) {
-		$USERNAME           = $_SESSION['username'];
-		$NEW_PASSWORD       = $_POST['newpassword'];
-		$NEW_PASSWORD       = mysqli_real_escape_string($con, $NEW_PASSWORD);
-		$PASSWORD       = $_POST['password'];
-		$PASSWORD       = mysqli_real_escape_string($con, $PASSWORD);
-		
-		
-		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' LIMIT 1");
-		$result_select_user = mysqli_fetch_assoc($select_user);
-		$PASS              = $result_select_user['Password'] ;
-		
-		// if user exists
-		if ($result_select_user) {
-				 if ($PASS != md5($PASSWORD)) {
-						$MESSAGE_MYPROFILE = "Wrong Password!";
-				} 
-				else if (!isset($NEW_PASSWORD) || !isset($PASSWORD) ) {
-					
-					$MESSAGE_MYPROFILE = "Fill Mandatory Fields!";
-					}
-					
-					else     if (strlen($NEW_PASSWORD) <= '8') {
-        $MESSAGE_MYPROFILE= "Password Must Contain At Least 8 Characters!";
-    							}
-	
-				else {
-				$update_password= "UPDATE `tblusers` SET `Password`='".md5($NEW_PASSWORD)."' WHERE `Username`='".$USERNAME."'";
-				$result_update_password = mysqli_query($con, $update_password);
-				if ($result_update_password) {
-						$MESSAGE_MYPROFILE = "Successfully Updated";
-				} 
-				else {	
-						$MESSAGE_MYPROFILE = " Please contact Us!";
-				}
-
-}		}
-} 
-
-/////////////////////////////Update Username/////////////////////////////
-
-if (isset($_POST["updateemailaddress"])) {
-		$USERNAME        = $_SESSION['username'];
-		$E_MAIL       = $_POST['email'];
-		$E_MAIL       = mysqli_real_escape_string($con, $E_MAIL);
-		$PASSWORD       = $_POST['password'];
-		$PASSWORD       = mysqli_real_escape_string($con, $PASSWORD);
-		
-		
-		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' LIMIT 1");
-		$result_select_user = mysqli_fetch_assoc($select_user);
-		$PASS              = $result_select_user['Password'] ;
-		
-		// if user exists
-		if ($result_select_user) {
-				 if ($PASS != md5($PASSWORD)) {
-						$MESSAGE_MYPROFILE = "Wrong Password!";
-				} 
-				else if (!filter_var($E_MAIL, FILTER_VALIDATE_EMAIL)) {
- 					 $MESSAGE_MYPROFILE = "Invalid Email";
-						}
-				else {
-				$update_email = "UPDATE `tblusers` SET `EmailAddress` = '".$E_MAIL."' WHERE `Username`='".$USERNAME."'";
-				$result_update_email = mysqli_query($con, $update_email);
-				if ($result_update_email) {
-						$MESSAGE_MYPROFILE = "Successfully Updated";
-				} 
-				else {	
-						$MESSAGE_MYPROFILE = " Please contact Us!";
-				}
-
-}		}
-} 
-?>
-
-<?php
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-////////////////////////////////////Forgot password page related .php///////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-$MESSAGE_RECOVER = '';
-$DISPLAY_CONTENT = '';
-if (isset($_POST["recoveraccount"])) {
-
-		$USERNAME       = $_POST['username'];
-		$E_MAIL       = $_POST['email'];
-		$SECURITY_QUESTION       = $_POST['securityquestion'];
-		$SECURITY_ANSWER       = $_POST['securityanswer'];
-		
-		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' OR EmailAddress='".$E_MAIL."' LIMIT 1");
-		$result_select_user = mysqli_fetch_assoc($select_user);
-		$QUESTION              = $result_select_user['SecurityQuestion'] ;
-		$ANSWER              = $result_select_user['SecurityAnswer'] ;
-		
-		if ($result_select_user) {
-				
-				 if ($QUESTION != $SECURITY_QUESTION || $ANSWER != $SECURITY_ANSWER)
-				 	 {
-						$MESSAGE_RECOVER = "Please Enter A Correct Security Question And Answer!";
-					} 
-				else if (!isset($SECURITY_QUESTION) || !isset($SECURITY_ANSWER) || !isset($E_MAIL)|| !isset($USERNAME)  )
-					 {
-					
-					$MESSAGE_RECOVER = "Please Fill Mandatory Fields!";
-					}
-					
-					else{
-						$DISPLAY_CONTENT = "Display";
-						$_SESSION['tempusername'] = $USERNAME;
-						}
-		
-					} 
-					else{ $MESSAGE_RECOVER = "Please Enter A Valid Username Or Email"; }
-}
-
-if (isset($_POST["resetpassword"])) {
-		$USERNAME           = $_SESSION['tempusername'];
-		$NEW_PASSWORD       = $_POST['newpassword'];
-		$NEW_PASSWORD       = mysqli_real_escape_string($con, $NEW_PASSWORD);
-		
-		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' LIMIT 1");
-		$result_select_user = mysqli_fetch_assoc($select_user);
-		
-		// if user exists
-		if ($result_select_user) {
-				  if (!isset($NEW_PASSWORD)) {
-					
-					$MESSAGE_RECOVER = "Fill Mandatory Fields!";
-					$DISPLAY_CONTENT = "Display";
-					}
-					
-					else     if (strlen($NEW_PASSWORD) <= '8') {
-        $MESSAGE_RECOVER= "Password Must Contain At Least 8 Characters!";
-		$DISPLAY_CONTENT = "Display";
-    							}
-	
-				else {
-				$recover_password= "UPDATE `tblusers` SET `Password`='".md5($NEW_PASSWORD)."' WHERE `Username`='".$USERNAME."'";
-				$result_recover_password = mysqli_query($con, $recover_password);
-				if ($result_recover_password) {
-						$MESSAGE_RECOVER = "Successfully Updated";
-						$DISPLAY_CONTENT = "Display";
-				} 
-				else {	
-						$MESSAGE_RECOVER = " Please contact Us!";
-				}
-
-}		}
-} 
-?>
-
-
-
-<?php
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-////////////////////////////////////Logout page related .php///////////////////////////////////////////
-///////////////////////////////////////////////////////////////////////////////////////////////////////
-if (isset($_POST["logout"])) {
-		session_start();
-		if (session_destroy()) {
-				header("Location: login.php");
-		} //session_destroy()
-} //isset($_POST["logout"])
-?>
+<div id="header">
+	<div>
+	<h1><img src="Resources/designimages/logo.png" width="350" height="90"></h1>
+	</div>
+	</div>
+	<div class="navigationbar">
+	<ul>
+	<li><a href="Home.php">Home</a></li>
+	<li><a href="pnb.php">Products</a></li>
+	<li><a href="promotions.php">Promotions</a></li>
+	<li><a href="aboutus.php">About Us</a></li>
+	<li><a href="contactus.php">Contact Us</a></li>
+	<li><a href="cart.php">Cart</a></li>
+	<li><a href="myprofile.php">My Profile</a></li>
+	</ul>
+    </div>
+    
+    <?php
+require ('db.php');
+session_start();
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////Login page related .php////////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+/////////////////////////////Variables to store data/////////////////////////////
+$MESSAGE_LOGIN = '';
+$PRODUCT_ID    = '';
+/////////////////////////////Login/////////////////////////////
+if (isset($_POST['login'])) {
+		if (!isset($_POST['username']) || !isset($_POST['password'])) {
+				$MESSAGE_LOGIN = "Username or Password Empty";
+		} //!isset($_POST['username']) || !isset($_POST['password'])
+		else {
+				$USER                   = $_POST['username'];
+				$USERNAME               = mysqli_real_escape_string($con, $USER);
+				$PASS                   = $_POST['password'];
+				$PASSWORD               = mysqli_real_escape_string($con, $PASS);
+				$l_select_user          = "SELECT Username,Password FROM tblusers WHERE Username ='$USER' AND Password = '".md5($PASS)."' LIMIT 1";
+				$results_l_select_user  = mysqli_query($con, $l_select_user);
+				$l_select_admin         = "SELECT Username,Password FROM tbladmins WHERE Username='$USER' AND Password = '".md5($PASS)."' LIMIT 1";
+				$results_l_select_admin = mysqli_query($con, $l_select_admin);
+				if (mysqli_num_rows($results_l_select_user) > 0) {
+						$_SESSION['username']        = $USERNAME;
+						$l_insert_to_log_user        = "INSERT into `tbluserlog` (Username,LoginTime,Logout,Status) VALUES ('$USER','0',date('Y-m-d H:i:s'),'1')";
+						$result_l_insert_to_log_user = mysqli_query($con, $l_insert_to_log_user);
+						if (!isset($_SESSION['selectedproduct'])) {
+								header('location: myprofile.php');
+						} //!isset($_SESSION['selectedproduct'])
+						else {
+								$PRODUCT_ID              = $_SESSION['selectedproduct'];
+								$PRODUCT_QUANTITY        = $_SESSION['selectedquantity'];
+								$l_insert_to_cart        = "INSERT into `tblcart` (ProductID,Username,Quantity) VALUES (" . $PRODUCT_ID . ",'$USER'," . $PRODUCT_QUANTITY . ")";
+								$result_l_insert_to_cart = mysqli_query($con, $l_insert_to_cart);
+								header('location: cart.php');
+						}
+				} //mysqli_num_rows($results_l_select_user) > 0
+				else if (mysqli_num_rows($results_l_select_admin) > 0) {
+						$_SESSION['username']         = $USERNAME;
+						$l_insert_to_log_admin        = "INSERT into `tbluserlog` (Username,LoginTime,Logout,Status) VALUES ('$USER','0',date('Y-m-d H:i:s'),'1')";
+						$result_l_insert_to_log_admin = mysqli_query($con, $l_insert_to_log_admin);
+						header('location: admin/manageorders.php');
+				} //mysqli_num_rows($results_l_select_admin) > 0
+				else {
+						$MESSAGE_LOGIN = "Username or Password is Invalid";
+				}
+		}
+} //isset($_POST['login'])
+/////////////////////////////Continue as a guest/////////////////////////////
+if (isset($_POST['continueguest'])) {
+		$PRODUCT_ID                        = $_SESSION['selectedproduct'];
+		$PRODUCT_QUANTITY                  = $_SESSION['selectedquantity'];
+		$_SESSION['totalproducts']         = $PRODUCT_QUANTITY;
+		$generate_delivery_id_guest        = mysqli_query($con, "SELECT delivery_id FROM (SELECT FLOOR(RAND() * 99999) AS delivery_id  UNION SELECT FLOOR(RAND() * 99999) AS random_num) AS numbers_mst_plus_1 WHERE `delivery_id` NOT IN (SELECT DeliveryID FROM tblorder) LIMIT 1");
+		$result_generate_delivery_id_guest = mysqli_fetch_assoc($generate_delivery_id_guest);
+		$DELIVERY_ID_GUEST                 = $result_generate_delivery_id_guest['delivery_id'];
+		$_SESSION['deliveryid']            = $DELIVERY_ID_GUEST;
+		$l_select_total_price              = "SELECT ProductPrice FROM `tblproducts` WHERE ProductID='" . $PRODUCT_ID . "' ";
+		$result_l_select_total_price       = mysqli_query($con, $l_select_total_price);
+		$total_price                       = mysqli_fetch_assoc($result_l_select_total_price);
+		$PRICE                             = $total_price['ProductPrice'];
+		$TOTAL_PRICE                       = $PRICE * $PRODUCT_QUANTITY;
+		$_SESSION['totalprice']            = $TOTAL_PRICE;
+		$l_insert_order                    = "INSERT into `tblorder` (ProductID,Quantity,Username,DeliveryID) VALUES (" . $PRODUCT_ID . "," . $PRODUCT_QUANTITY . ",'Guest'," . $DELIVERY_ID_GUEST . ")";
+		$result_l_insert_ordert            = mysqli_query($con, $l_insert_order);
+		header("Location: checkout.php");
+} //isset($_POST['continueguest'])
+?>
+
+<?php
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////Register page related .php////////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+require('db.php');
+/////////////////////////////Variables to store data/////////////////////////////
+$MESSAGE_REGISTER = '';
+/////////////////////////////Regster/////////////////////////////
+if (isset($_POST["register"])) {
+		$USERNAME           = $_POST['username'];
+		$USERNAME           = mysqli_real_escape_string($con, $USERNAME);
+		$FIRST_NAME         = stripslashes($_POST['firstname']);
+		$FIRST_NAME         = mysqli_real_escape_string($con, $FIRST_NAME);
+		$LAST_NAME          = stripslashes($_POST['lastname']);
+		$LAST_NAME          = mysqli_real_escape_string($con, $LAST_NAME);
+		$E_MAIL             = stripslashes($_POST['email']);
+		$E_MAIL             = mysqli_real_escape_string($con, $E_MAIL);
+		$PHONE_NUMBER       = stripslashes($_POST['phonenumber']);
+		$PHONE_NUMBER       = mysqli_real_escape_string($con, $PHONE_NUMBER);
+		$PASSWORD           = stripslashes($_POST['password']);
+		$PASSWORD           = mysqli_real_escape_string($con, $PASSWORD);
+		$RE_TYPE_PASSWORD   = stripslashes($_POST['retypepassword']);
+		$RE_TYPE_PASSWORD   = mysqli_real_escape_string($con, $RE_TYPE_PASSWORD);
+		$SECURITY_QUESTION  = stripslashes($_POST['securityquestion']);
+		$SECURITY_QUESTION  = mysqli_real_escape_string($con, $SECURITY_QUESTION);
+		$SECURITY_ANSWER    = stripslashes($_POST['securityanswer']);
+		$SECURITY_ANSWER    = mysqli_real_escape_string($con, $SECURITY_ANSWER);
+		$select_user        = "SELECT * FROM tblusers WHERE Username='$USERNAME' OR EmailAddress='$E_MAIL' LIMIT 1";
+		$result_select_user = mysqli_query($con, $select_user);
+		$USER               = mysqli_fetch_assoc($result_select_user);
+		// if user exists
+		if ($USER) {
+				if ($USER['Username'] = $USERNAME) {
+						$MESSAGE_REGISTER = "OOPS! Username Is Already Taken!";
+				} //$USER['Username'] = $USERNAME
+				if ($USER['EmailAddress'] = $E_MAIL) {
+						$MESSAGE_REGISTER = "OOPS! Email Is Already Taken";
+				} //$USER['EmailAddress'] = $E_MAIL
+		} //$USER
+		// if fields are filled
+		else if (!empty($USERNAME) || !empty($FIRST_NAME) || !empty($LAST_NAME) || !empty($E_MAIL) || !empty($PHONE_NUMBER) || !empty($PASSWORD) || !empty($RE_TYPE_PASSWORD)) {
+				$MESSAGE_REGISTER = "OOPS! Fill Mandatory Fields!";
+		} //!isset($USERNAME) || !isset($FIRST_NAME) || !isset($LAST_NAME) || !isset($E_MAIL) || !isset($PHONE_NUMBER) || !isset($PASSWORD) || !isset($RE_TYPE_PASSWORD)
+		// if password matches
+		else if ($PASSWORD != $RE_TYPE_PASSWORD) {
+				$MESSAGE_REGISTER = "Password doesnt match!";
+		} //$PASSWORD != $RE_TYPE_PASSWORD
+		else if (strlen($PASSWORD) < '8') {
+        $MESSAGE_REGISTER= "Password Must Contain At Least 8 Characters!";
+    	}
+		else if (!filter_var($E_MAIL, FILTER_VALIDATE_EMAIL)) {
+  $MESSAGE_REGISTER = "Invalid Email";
+		}
+		
+		// enter user to database
+		else {
+				$insert_user        = "INSERT INTO `tblusers`(`Username`, `FirstName`, `LastName`, `EmailAddress`, `PhoneNumber`, `Password`, `SecurityQuestion`, `SecurityAnswer`) VALUES ('$USERNAME','$FIRST_NAME','$LAST_NAME','$E_MAIL','$PHONE_NUMBER','" . md5($PASSWORD) . "','$SECURITY_QUESTION','$SECURITY_ANSWER')";
+				$result_insert_user = mysqli_query($con, $insert_user);
+				if ($result_insert_user) {
+						$MESSAGE_REGISTER = "successful";
+				} //$result_insert_user
+				else {
+						$MESSAGE_REGISTER = "Registration unsuccessful!";
+				}
+		}
+		mysqli_close($con); // Closing connection
+} //isset($_POST["register"])
+?>
+
+<?php
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////View Products page related .php////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+require('db.php');
+///////////////////////Add products to cart///////////////////////
+$MESSAGE_REVIEW = '';
+if (isset($_POST['addtocart'])) {
+		if (!isset($_SESSION['username'])) {
+				$_SESSION['selectedproduct']  = $_POST['productid'];
+				$_SESSION['selectedquantity'] = $_POST['quantity'];
+				$_SESSION['crumbs']           = "1";
+				header("location: login.php");
+		} //!isset($_SESSION['username'])
+		else {
+				$PRODUCT_ID              = $_POST['productid'];
+				$PRODUCT_QUANTITY        = $_POST['quantity'];
+				$USERNAME                = $_SESSION['username'];
+				$v_insert_to_cart        = "INSERT into`tblcart` (ProductID, Username, Quantity) VALUES ('" . $PRODUCT_ID . "','" . $USERNAME . "','" . $PRODUCT_QUANTITY . "')";
+				$result_v_insert_to_cart = mysqli_query($con, $v_insert_to_cart);
+				header('location: cart.php');
+		}
+} //isset($_POST['addtocart'])
+///////////////////////Add a review///////////////////////
+if (isset($_POST['addreview'])) {
+	if (!isset($_POST['productid']) || !isset($_POST['review'])) {
+		$MESSAGE_REVIEW = "Unable to Place Review!";
+	} else {
+		$PRODUCT_ID = $_POST['productid'];
+		$USERNAME = $_SESSION['username'];
+		$PRODUCT_REVIEW = $_POST['review'];
+
+		$insert_review = "INSERT INTO `tblproductreviews`(`ProductID`, `Username`, `Review`) VALUES (?, ?, ?)";
+		$stmt = mysqli_prepare($con, $insert_review);
+		mysqli_stmt_bind_param($stmt, 'iss', $PRODUCT_ID, $USERNAME, $PRODUCT_REVIEW);
+
+		if (mysqli_stmt_execute($stmt)) {
+			$MESSAGE_REVIEW = "Thank you for your review!";
+			header('location: #.php');
+		} else {
+			$MESSAGE_REVIEW = "Unable to Place Review!";
+			header('location: #.php');
+		}
+
+		mysqli_stmt_close($stmt);
+	}
+}
+?>
+
+
+<?php
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////Products page related .php/////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+require('db.php');
+/////////////////////////////Strings to Store Variables/////////////////////////////
+$CATEGORY               = '';
+$CATEGORY_ID            = '';
+$MESSAGE                = '';
+$SORT_TYPE              = 'ASC';
+$SORT_COLUMN            = 'ProductPrice';
+$_SESSION['bikeselected']='';
+$BIKE_TYPE              = $_SESSION['bikeselected'];
+/////////////////////////////Select Categories/////////////////////////////
+$select_category        = "SELECT * FROM `tblcategory`";
+$result_select_category = mysqli_query($con, $select_category);
+/////////////////////////////Query Product Bike Type to Display/////////////////////////////
+$select_productbiketype = "SELECT DISTINCT ProductBikeType FROM `tblproducts`";
+$result_productbiketype = mysqli_query($con, $select_productbiketype);
+/////////////////////////////Select or Change Product Bike Type /////////////////////////////
+if (isset($_POST['productbiketype'])) {
+		$SELECT_BIKE              = $_POST['selectproductbiketype'];
+		$EXPLODED_VALUE2          = explode(",", $SELECT_BIKE);
+		$_SESSION['bikeselected'] = $EXPLODED_VALUE2[0];
+		$BIKE_TYPE                = $_SESSION['bikeselected'];
+} //isset($_POST['productbiketype'])
+if (isset($_POST['productbiketypechange'])) {
+		$_SESSION['bikeselected'] = '';
+		$BIKE_TYPE                = $_SESSION['bikeselected'];
+} //isset($_POST['productbiketypechange'])
+/////////////////////////////Identify type of sorting selected/////////////////////////////
+if (isset($_POST['sort'])) {
+		$SORT           = $_POST['sort'];
+		$EXPLODED_VALUE = explode(",", $SORT);
+		$SORT_TYPE      = $EXPLODED_VALUE[0];
+		$SORT_COLUMN    = $EXPLODED_VALUE[1];
+} //isset($_POST['sort'])
+/////////////////////////////Filter products based on category/////////////////////////////
+if (isset($_POST['categoryvalues'])) {
+		$CATEGORY_VALUES   = $_POST['categoryvalues'];
+		$CATEGORY_SELECTED = implode(",", $CATEGORY_VALUES);
+		$BIKE_TYPE                = $_SESSION['bikeselected'];
+		if ($BIKE_TYPE == "") {
+				$select_specific_products = "SELECT tblproducts.ProductID, tblproducts.ProductName, tblproducts.ProductPrice, tblproducts.ProductImage, tblproducts.ProductBikeType, tblproducts.ProductDiscountAmount, tblcategory.CategoryName FROM `tblproducts` INNER JOIN tblcategory ON tblproducts.CategoryID=tblcategory.CategoryID WHERE tblcategory.CategoryName = '" . $CATEGORY_SELECTED . "' ORDER BY " . $SORT_COLUMN . " " . $SORT_TYPE . "";
+				$result_products          = mysqli_query($con, $select_specific_products);
+				$CATEGORY                 = $CATEGORY_SELECTED;
+		} //$BIKE_TYPE == ''
+		else {
+				$select_specific_products2 = "SELECT tblproducts.ProductID, tblproducts.ProductName, tblproducts.ProductPrice, tblproducts.ProductImage, tblproducts.ProductBikeType, tblproducts.ProductDiscountAmount, tblcategory.CategoryName FROM `tblproducts` INNER JOIN tblcategory ON tblproducts.CategoryID=tblcategory.CategoryID WHERE tblproducts.ProductBikeType = '" . $BIKE_TYPE . "' AND tblcategory.CategoryName = '" . $CATEGORY_SELECTED . "' ORDER BY " . $SORT_COLUMN . " " . $SORT_TYPE . "";
+				$result_products           = mysqli_query($con, $select_specific_products2);
+				$CATEGORY                  = $CATEGORY_SELECTED;
+		}
+} //isset($_POST['categoryvalues'])
+/////////////////////////////Select All products/////////////////////////////
+else {
+		if ($BIKE_TYPE == '') {
+				$select_all_product1 = "SELECT * FROM `tblproducts`";
+				$result_products     = mysqli_query($con, $select_all_product1);
+				$MESSAGE             = "All Available Products!";
+		} //$BIKE_TYPE == ''
+		else {
+				$select_all_product2 = "SELECT * FROM `tblproducts` WHERE ProductBikeType = '" . $BIKE_TYPE . "'";
+				$result_products     = mysqli_query($con, $select_all_product2);
+				$MESSAGE             = "All Available Products of the Selected Bike!";
+		}
+}
+/////////////////////////////Search Products////////////////////////////
+if (isset($_POST['search'])) {
+	$BIKE_TYPE = $_SESSION['bikeselected'];
+	$SEARCHED_VALUE = $_POST['searchproduct'];
+
+	$search_query = "SELECT * FROM `tblproducts` WHERE CONCAT(`ProductName`) LIKE '%" . $SEARCHED_VALUE . "%'";
+	if ($BIKE_TYPE !== '') {
+		$search_query .= " AND ProductBikeType = '" . $BIKE_TYPE . "'";
+	}
+
+	$result_products = mysqli_query($con, $search_query);
+	$ROWS = mysqli_num_rows($result_products);
+
+	if ($ROWS > 0) {
+		$MESSAGE = "We have found ('" . $ROWS . "') that matches:'" . $SEARCHED_VALUE . "' ";
+		$CATEGORY_SELECTED = '5';
+	} else {
+		$MESSAGE = "No matching products found.";
+		$CATEGORY_SELECTED = ''; // Reset the category selection if no results found
+	}
+}
+?>
+
+<?php
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////Cart page related .php/////////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+require('db.php');
+/////////////////////////////Update products in cart/////////////////////////////
+if (isset($_POST['updateitem'])) {
+		foreach ($_POST['selectedvalues'] as $idx => $selectionid) {
+				$update_cart        = "UPDATE tblcart SET Quantity='" . $_POST['quantity'][$idx] . "' WHERE SelectionID='" . $selectionid . "'";
+				$result_update_cart = mysqli_query($con, $update_cart);
+		} //$_POST['selectedvalues'] as $idx => $selectionid
+		header("Location: cart.php");
+} //isset($_POST['updateitem'])
+/////////////////////////////checkout products from cart/////////////////////////////
+if (isset($_POST['checkout'])) {
+		$generate_delivery_id        = mysqli_query($con, "SELECT delivery_id FROM (SELECT FLOOR(RAND() * 99999) AS delivery_id  UNION SELECT FLOOR(RAND() * 99999) AS random_num) AS numbers_mst_plus_1 WHERE `delivery_id` NOT IN (SELECT DeliveryID FROM tblorder) LIMIT 1");
+		$result_generate_delivery_id = mysqli_fetch_assoc($generate_delivery_id);
+		$DELIVERY_ID                 = $result_generate_delivery_id['delivery_id'];
+		$USER                        = $_SESSION['username'];
+		$insert_order                = "INSERT INTO tblorder (`ProductID`, `Quantity`, `Username`, `DeliveryID`) SELECT `ProductID`, `Quantity`, `Username`, '" . $DELIVERY_ID . "' FROM tblcart WHERE `Username` = '" . $USER . "' ";
+		$_SESSION['deliveryid']      = $DELIVERY_ID;
+		$result_insert_order         = mysqli_query($con, $insert_order);
+		header("Location: checkout.php");
+} //isset($_POST['checkout'])
+/////////////////////////////Removal of products from cart/////////////////////////////
+if (isset($_POST["removeitem"])) {
+		$IMPLODE_VALUES           = $_POST['checkedvalues'];
+		$CHECKED_VALUES_REMOVE    = implode(",", $IMPLODE_VALUES);
+		$remove_cart_items        = "DELETE FROM `tblcart` WHERE SelectionID in ($CHECKED_VALUES_REMOVE)";
+		$result_remove_cart_items = mysqli_query($con, $remove_cart_items);
+		header("Location: cart.php");
+} //isset($_POST["removeitem"])
+
+if (isset($_POST["continueshopping"])) {
+		header("Location: pnb.php");
+} //isset($_POST["continueshopping"])
+
+?>
+
+
+<?php
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////Checkout page related .php/////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+require('db.php');
+if (isset($_POST['placeorder'])) {
+		if (!isset($_SESSION['username'])) {
+				$DELIVERY_ID         = $_SESSION['deliveryid'];
+				$RECIPIENT_NAME      = $_POST['recipientname'];
+				$RECIPIENT_PHONE     = $_POST['recipientphone'];
+				$DELIVERY_ADDRESS    = $_POST['deliveryaddress'];
+				$DELIVERY_CITY       = $_POST['deliverycity'];
+				$LOCATION_TYPE       = $_POST['locationtype'];
+				$SHIPPING_CHARGE     = $_POST['shippingtype'];
+				$TOTAL_PRICE         = $_SESSION['totalprice'];
+				$USERNAME            = 'Guest';
+				$place_order1        = "INSERT into `tbldelivery` (`DeliveryID`,`RecipientName`,`RecipientPhone`,`DeliveryAddress`,`DeliveryCity`,`LocationType`,`ShippingCharge`,`Username`,`TotalPrice`) VALUES ('" . $DELIVERY_ID . "','" . $RECIPIENT_NAME . "','" . $RECIPIENT_PHONE . "','" . $DELIVERY_ADDRESS . "','" . $DELIVERY_CITY . "','" . $LOCATION_TYPE . "','" . $SHIPPING_CHARGE . "','" . $USERNAME . "','" . $TOTAL_PRICE . "')";
+				$result_place_order1 = mysqli_query($con, $place_order1);
+		} //!isset($_SESSION['username'])
+		else {
+				$DELIVERY_ID         = $_SESSION['deliveryid'];
+				$RECIPIENT_NAME      = $_POST['recipientname'];
+				$RECIPIENT_PHONE     = $_POST['recipientphone'];
+				$DELIVERY_ADDRESS    = $_POST['deliveryaddress'];
+				$DELIVERY_CITY       = $_POST['deliverycity'];
+				$LOCATION_TYPE       = $_POST['locationtype'];
+				$SHIPPING_CHARGE     = $_POST['shippingtype'];
+				$TOTAL_PRICE         = $_SESSION['totalprice'];
+				$USERNAME            = $_SESSION['username'];
+				$place_order2        = "INSERT into `tbldelivery` (`DeliveryID`,`RecipientName`,`RecipientPhone`,`DeliveryAddress`,`DeliveryCity`,`LocationType`,`ShippingCharge`,`Username`,`TotalPrice`) VALUES ('" . $DELIVERY_ID . "','" . $RECIPIENT_NAME . "','" . $RECIPIENT_PHONE . "','" . $DELIVERY_ADDRESS . "','" . $DELIVERY_CITY . "','" . $LOCATION_TYPE . "','" . $SHIPPING_CHARGE . "','" . $USERNAME . "','" . $TOTAL_PRICE . "')";
+				$result_place_order2 = mysqli_query($con, $place_order2);
+		}
+		if ($result_place_order2 || $result_place_order1) {
+				$remove_cart        = "DELETE FROM `tblcart` WHERE Username = '" . $USERNAME . "'";
+				$result_remove_cart = mysqli_query($con, $remove_cart);
+				if ($result_place_order2 || $result_place_order1 || $remove_cart) {
+						$ORDER_STATUS                 = "Pending";
+						$ORDER_REMARK                 = "Orders Has Been Received And Is Currently Being Processed";
+						$insert_to_track_order        = "INSERT INTO tblordertrack (`OrderID`,`DeliveryID`,`Status`,`Remark`) SELECT `OrderID`,'" . $DELIVERY_ID . "','" . $ORDER_STATUS . "','" . $ORDER_REMARK . "'  FROM tblorder WHERE `DeliveryID` = '" . $DELIVERY_ID . "' ";
+						$result_insert_to_track_order = mysqli_query($con, $insert_to_track_order);
+						header("Location: ordersuccessful.php");
+				} //$result_place_order2 || $result_place_order1 || $remove_cart
+				else {
+						header("Location: cart.php");
+				}
+		} //$result_place_order2 || $result_place_order1
+		else {
+				die("Couldnt Place Order! Contact Us!");
+		}
+} //isset($_POST['placeorder'])
+?>
+
+<?php
+
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////My Profile page related .php////////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+require('db.php');
+/////////////////////////////Variables to store data/////////////////////////////
+$MESSAGE_MYPROFILE = '';
+/////////////////////////////Update Username/////////////////////////////
+
+if (isset($_POST["updatename"])) {
+		$USERNAME           = $_SESSION['username'];
+		$FIRST_TNAME       = $_POST['firstname'];
+		$FIRST_TNAME       = mysqli_real_escape_string($con, $FIRST_TNAME);
+		$LAST_NAME       = $_POST['lastname'];
+		$LAST_NAME       = mysqli_real_escape_string($con, $LAST_NAME);
+		$PASSWORD       = $_POST['password'];
+		$PASSWORD       = mysqli_real_escape_string($con, $PASSWORD);
+		
+		
+		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' LIMIT 1");
+		$result_select_user = mysqli_fetch_assoc($select_user);
+		$PASS              = $result_select_user['Password'] ;
+		
+		// if user exists
+		if ($result_select_user) {
+				 if ($PASS != md5($PASSWORD)) {
+						$MESSAGE_MYPROFILE = "Wrong Password!";
+				} 
+	
+				else {
+				$update_username = "UPDATE `tblusers` SET `FirstName`='".$FIRST_TNAME."',`LastName`='".$LAST_NAME."' WHERE `Username`='".$USERNAME."'";
+				$result_update_username = mysqli_query($con, $update_username);
+				if ($result_update_username) {
+						$MESSAGE_MYPROFILE = "Successfully Updated";
+				} 
+				else {	
+						$MESSAGE_MYPROFILE = " Please contact Us!";
+				}
+
+}		}
+} 
+/////////////////////////////Update password/////////////////////////////
+if (isset($_POST["updatepassword"])) {
+		$USERNAME           = $_SESSION['username'];
+		$NEW_PASSWORD       = $_POST['newpassword'];
+		$NEW_PASSWORD       = mysqli_real_escape_string($con, $NEW_PASSWORD);
+		$PASSWORD       = $_POST['password'];
+		$PASSWORD       = mysqli_real_escape_string($con, $PASSWORD);
+		
+		
+		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' LIMIT 1");
+		$result_select_user = mysqli_fetch_assoc($select_user);
+		$PASS              = $result_select_user['Password'] ;
+		
+		// if user exists
+		if ($result_select_user) {
+				 if ($PASS != md5($PASSWORD)) {
+						$MESSAGE_MYPROFILE = "Wrong Password!";
+				} 
+				else if (!isset($NEW_PASSWORD) || !isset($PASSWORD) ) {
+					
+					$MESSAGE_MYPROFILE = "Fill Mandatory Fields!";
+					}
+					
+					else     if (strlen($NEW_PASSWORD) <= '8') {
+        $MESSAGE_MYPROFILE= "Password Must Contain At Least 8 Characters!";
+    							}
+	
+				else {
+				$update_password= "UPDATE `tblusers` SET `Password`='".md5($NEW_PASSWORD)."' WHERE `Username`='".$USERNAME."'";
+				$result_update_password = mysqli_query($con, $update_password);
+				if ($result_update_password) {
+						$MESSAGE_MYPROFILE = "Successfully Updated";
+				} 
+				else {	
+						$MESSAGE_MYPROFILE = " Please contact Us!";
+				}
+
+}		}
+} 
+
+/////////////////////////////Update Username/////////////////////////////
+
+if (isset($_POST["updateemailaddress"])) {
+		$USERNAME        = $_SESSION['username'];
+		$E_MAIL       = $_POST['email'];
+		$E_MAIL       = mysqli_real_escape_string($con, $E_MAIL);
+		$PASSWORD       = $_POST['password'];
+		$PASSWORD       = mysqli_real_escape_string($con, $PASSWORD);
+		
+		
+		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' LIMIT 1");
+		$result_select_user = mysqli_fetch_assoc($select_user);
+		$PASS              = $result_select_user['Password'] ;
+		
+		// if user exists
+		if ($result_select_user) {
+				 if ($PASS != md5($PASSWORD)) {
+						$MESSAGE_MYPROFILE = "Wrong Password!";
+				} 
+				else if (!filter_var($E_MAIL, FILTER_VALIDATE_EMAIL)) {
+ 					 $MESSAGE_MYPROFILE = "Invalid Email";
+						}
+				else {
+				$update_email = "UPDATE `tblusers` SET `EmailAddress` = '".$E_MAIL."' WHERE `Username`='".$USERNAME."'";
+				$result_update_email = mysqli_query($con, $update_email);
+				if ($result_update_email) {
+						$MESSAGE_MYPROFILE = "Successfully Updated";
+				} 
+				else {	
+						$MESSAGE_MYPROFILE = " Please contact Us!";
+				}
+
+}		}
+} 
+?>
+
+<?php
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////Forgot password page related .php///////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+$MESSAGE_RECOVER = '';
+$DISPLAY_CONTENT = '';
+if (isset($_POST["recoveraccount"])) {
+
+		$USERNAME       = $_POST['username'];
+		$E_MAIL       = $_POST['email'];
+		$SECURITY_QUESTION       = $_POST['securityquestion'];
+		$SECURITY_ANSWER       = $_POST['securityanswer'];
+		
+		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' OR EmailAddress='".$E_MAIL."' LIMIT 1");
+		$result_select_user = mysqli_fetch_assoc($select_user);
+		$QUESTION              = $result_select_user['SecurityQuestion'] ;
+		$ANSWER              = $result_select_user['SecurityAnswer'] ;
+		
+		if ($result_select_user) {
+				
+				 if ($QUESTION != $SECURITY_QUESTION || $ANSWER != $SECURITY_ANSWER)
+				 	 {
+						$MESSAGE_RECOVER = "Please Enter A Correct Security Question And Answer!";
+					} 
+				else if (!isset($SECURITY_QUESTION) || !isset($SECURITY_ANSWER) || !isset($E_MAIL)|| !isset($USERNAME)  )
+					 {
+					
+					$MESSAGE_RECOVER = "Please Fill Mandatory Fields!";
+					}
+					
+					else{
+						$DISPLAY_CONTENT = "Display";
+						$_SESSION['tempusername'] = $USERNAME;
+						}
+		
+					} 
+					else{ $MESSAGE_RECOVER = "Please Enter A Valid Username Or Email"; }
+}
+
+if (isset($_POST["resetpassword"])) {
+		$USERNAME           = $_SESSION['tempusername'];
+		$NEW_PASSWORD       = $_POST['newpassword'];
+		$NEW_PASSWORD       = mysqli_real_escape_string($con, $NEW_PASSWORD);
+		
+		$select_user = mysqli_query($con, "SELECT * FROM tblusers WHERE Username='".$USERNAME."' LIMIT 1");
+		$result_select_user = mysqli_fetch_assoc($select_user);
+		
+		// if user exists
+		if ($result_select_user) {
+				  if (!isset($NEW_PASSWORD)) {
+					
+					$MESSAGE_RECOVER = "Fill Mandatory Fields!";
+					$DISPLAY_CONTENT = "Display";
+					}
+					
+					else     if (strlen($NEW_PASSWORD) <= '8') {
+        $MESSAGE_RECOVER= "Password Must Contain At Least 8 Characters!";
+		$DISPLAY_CONTENT = "Display";
+    							}
+	
+				else {
+				$recover_password= "UPDATE `tblusers` SET `Password`='".md5($NEW_PASSWORD)."' WHERE `Username`='".$USERNAME."'";
+				$result_recover_password = mysqli_query($con, $recover_password);
+				if ($result_recover_password) {
+						$MESSAGE_RECOVER = "Successfully Updated";
+						$DISPLAY_CONTENT = "Display";
+				} 
+				else {	
+						$MESSAGE_RECOVER = " Please contact Us!";
+				}
+
+}		}
+} 
+?>
+
+
+
+<?php
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+////////////////////////////////////Logout page related .php///////////////////////////////////////////
+///////////////////////////////////////////////////////////////////////////////////////////////////////
+if (isset($_POST["logout"])) {
+		session_start();
+		if (session_destroy()) {
+				header("Location: login.php");
+		} //session_destroy()
+} //isset($_POST["logout"])
+?>