diff --git a/functions.php b/functions.php index e7a5cd7..7956451 100644 --- a/functions.php +++ b/functions.php @@ -34,6 +34,12 @@ function checkListing() { } } +function checkId() { + if (!isset($_GET['user_id'])) { + echo ''; + } +} + function getListing() { return getFirstAllMatches('auction', 'listing_id', $_GET['listing_id']); } @@ -131,4 +137,30 @@ function imageUpload($name) { //Code for uploading an image. Modified from https return false; } } + +function addUser($adminFlag) { + $pdo = startDB(); + + $stmt = $pdo->prepare('INSERT INTO users (first_name, last_name, email, password, admin) + VALUES (:first_name, :last_name, :email, :password, :admin)'); + if ($adminFlag) { + $values = [ + 'first_name' => $_POST['first_name'], + 'last_name' => $_POST['last_name'], + 'email' => $_POST['email'], + 'admin' => 'y', + 'password' => password_hash($_POST['password'], PASSWORD_DEFAULT) + ]; + } + else { + $values = [ + 'first_name' => $_POST['first_name'], + 'last_name' => $_POST['last_name'], + 'email' => $_POST['email'], + 'admin' => 'n', + 'password' => password_hash($_POST['password'], PASSWORD_DEFAULT) + ]; + } + $stmt->execute($values); +} ?> \ No newline at end of file diff --git a/layout.php b/layout.php index 9381337..c9b1b1a 100644 --- a/layout.php +++ b/layout.php @@ -24,7 +24,7 @@ require_once 'functions.php';
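Review bot: checkId() echoes something when `user_id` is absent and then simply returns, so whatever page calls it keeps executing with `$_GET['user_id']` unset; the echoed content is stripped in this view, but if it is a client-side redirect the server still renders the rest of the page behind it. Add `exit;` after the echo (or return a boolean the caller must test), e.g. `echo ''; exit;`. The context line that follows shows getListing() still reading `$_GET['listing_id']` with no equivalent guard, so the two helpers are inconsistent.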
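Review bot: addUser() inserts `$_POST` fields into the row with no presence or format check, so a request missing `email` or `password` produces a row with empty fields and `password_hash('')` becomes a valid empty-password credential. The two branches differ only in the `admin` value and should collapse to one array with `'admin' => $adminFlag ? 'y' : 'n'`. Returning the execute() result lets callers stop echoing "success" unconditionally; whether the table enforces email uniqueness isn't visible here, so a duplicate-email check may also be needed.
```php
function addUser($adminFlag) {
    $email = trim($_POST['email'] ?? '');
    $password = $_POST['password'] ?? '';
    // Reject empty or malformed credentials before touching the database.
    if ($email === '' || $password === '' || !filter_var($email, FILTER_VALIDATE_EMAIL)) {
        return false;
    }
    $pdo = startDB();
    // … unchanged: prepare() of the INSERT …
    $values = [
        'first_name' => $_POST['first_name'] ?? '',
        'last_name' => $_POST['last_name'] ?? '',
        'email' => $email,
        'admin' => $adminFlag ? 'y' : 'n',
        'password' => password_hash($password, PASSWORD_DEFAULT)
    ];
    return $stmt->execute($values);
}
```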

ibuy

-
+
@@ -49,7 +49,8 @@ require_once 'functions.php'; echo $pageContent; ?> diff --git a/public/account/login.php b/public/account/login.php index 5f384ee..3b437b7 100644 --- a/public/account/login.php +++ b/public/account/login.php @@ -16,13 +16,18 @@ $pdo = startDB(); if (isset($_POST['submit'])) { $user = getFirstAllMatches('users', 'email', $_POST['email']); - if (password_verify($_POST['password'], $user['password'])) { - $_SESSION['loggedin'] = $user['user_id']; - if ($user['admin'] === 'y') { - $_SESSION['admin'] = 'y'; + if($user) { + if (password_verify($_POST['password'], $user['password'])) { + $_SESSION['loggedin'] = $user['user_id']; + if ($user['admin'] === 'y') { + $_SESSION['admin'] = 'y'; + } + echo''; + + } + else { + echo '

Unsuccessful Login

'; } - echo''; - } else { echo '

Unsuccessful Login

'; diff --git a/public/account/register.php b/public/account/register.php index 27adf79..02b47d9 100644 --- a/public/account/register.php +++ b/public/account/register.php @@ -1,21 +1,6 @@ prepare('INSERT INTO users (first_name, last_name, email, password, admin) - VALUES (:first_name, :last_name, :email, :password, :admin)'); - $values = [ - 'first_name' => $_POST['first_name'], - 'last_name' => $_POST['last_name'], - 'email' => $_POST['email'], - 'admin' => 'n', - 'password' => password_hash($_POST['password'], PASSWORD_DEFAULT) - ]; - $stmt->execute($values); -} - $pageTitle = 'iBuy - Register'; $pageContent = '
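Review bot: The session id is not regenerated on successful login, so a session id fixed before authentication stays valid after `$_SESSION['loggedin'] = $user['user_id']`; call `session_regenerate_id(true);` immediately before that assignment. The unknown-email and wrong-password paths now print the same "Unsuccessful Login" markup, which is right for enumeration, but they duplicate it; setting a `$failed = true` flag in both places and echoing once after the `if` keeps them in sync. Because password_verify() only runs when `$user` is truthy, response time still distinguishes unknown from known emails—verify against a fixed dummy hash in the not-found path if that matters here. `$_POST['email']` is read without an isset check; the guard only tests `submit`.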

Already have an account?Click here to Login

Register

@@ -30,7 +15,7 @@ $pageContent = '

Already have an account?Click here to L require '../../layout.php'; if (isset($_POST['submit'])) { - addUser(); + addUser(false); echo '

Successful account creation

'; } ?> \ No newline at end of file diff --git a/public/account/userReviews.php b/public/account/userReviews.php new file mode 100644 index 0000000..6c92e27 --- /dev/null +++ b/public/account/userReviews.php @@ -0,0 +1,27 @@ +'.$user['first_name'].$user['last_name'].'\'s Reviews +'; +$stylesheet = '../assets/ibuy.css'; +require '../../layout.php'; + +function populateList() { + $reviews = getEveryAllMatches('review', 'review_user', $_GET['user_id']); + $output = ''; + + foreach ($reviews as &$review) { + $user = getFirstAllMatches('users', 'user_id', $review['user_id']); + if(!$user) { + $output .= '
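Review bot: "Successful account creation" is printed whether or not a row was inserted: `addUser(false)` returns nothing and nothing here validates the input, so a submission with an empty email or password still gets the success banner. Have addUser() return the execute() result (or throw) and branch on it, e.g. `if (addUser(false)) { echo '…Successful account creation…'; } else { echo '…Please fill in all fields…'; }`. The surrounding HTML is stripped in this view, so the exact markup can't be quoted.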
  • '. $review['review_date'] . ' '. $review['review_contents']. ' reviewing Deleted
  • '; + } + else { + $output .= '
  • '. $review['review_date'] . ' '. $review['review_contents']. ' reviewing '. $user['first_name'].$user['last_name'].'
  • '; + } + } + return $output; +} \ No newline at end of file diff --git a/public/admin/addAdmin.php b/public/admin/addAdmin.php new file mode 100644 index 0000000..a7a2775 --- /dev/null +++ b/public/admin/addAdmin.php @@ -0,0 +1,21 @@ + Add Admin +
    + + + + + +
    '; +require '../../layout.php'; + +if (isset($_POST['submit'])) { + addUser(true); + echo ''; +} +?> \ No newline at end of file diff --git a/public/admin/deleteAdmin.php b/public/admin/deleteAdmin.php new file mode 100644 index 0000000..1fc1418 --- /dev/null +++ b/public/admin/deleteAdmin.php @@ -0,0 +1,20 @@ +prepare('DELETE FROM users WHERE user_id= :category_id'); + $values = [ + 'category_id' => $_GET['admin_id'] + ]; + $stmt->execute($values); + echo ''; +} +else { + echo ''; +} +?> \ No newline at end of file diff --git a/public/admin/editAdmin.php b/public/admin/editAdmin.php new file mode 100644 index 0000000..8b9d05e --- /dev/null +++ b/public/admin/editAdmin.php @@ -0,0 +1,49 @@ + Edit Admin +
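Review bot: Nothing visible in this file restricts who can reach `addUser(true)`; the PHP prologue above the form is stripped in this view, so if it does not test the session's admin flag and stop, any visitor who posts to addAdmin.php creates an administrator. The check should run before `require '../../layout.php'` and exit on failure, e.g. `if (($_SESSION['admin'] ?? '') !== 'y') { http_response_code(403); exit; }`. The form carries no CSRF token that I can see, so a logged-in admin visiting a hostile page could be made to submit it; a per-session token compared with hash_equals() would close that. The redirect after `addUser(true)` is also unconditional—branch on whatever result addUser() reports.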
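Review bot: The DELETE runs on `$_GET['admin_id']` with `WHERE user_id = :category_id` only, so it removes any user, not just admins, and a state-changing action on a GET is trivially forced through a link or image from another site. Restrict it, `'DELETE FROM users WHERE user_id = :user_id AND admin = \'y\''` with `'user_id' => $_GET['admin_id']`, and move it to a POST with a CSRF token; the `:category_id` name is a leftover from a category handler. The condition of the enclosing `if` is stripped in this view, so I can't confirm an authorization check; it should also refuse to delete the current `$_SESSION['loggedin']` account, otherwise the last admin can lock everyone out.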
    + + + + + + +
    '; +require '../../layout.php'; + +if (isset($_GET['admin_id'])) { + $_SESSION['admin_id'] = $_GET['admin_id']; +} +else if (isset($_POST['submit'])) { + $pdo = startDB(); + $stmt = $pdo->prepare('UPDATE users SET first_name= :first_name, last_name= :last_name, email= :email, password= :password, admin= :admin WHERE user_id= :category_id'); + + if(isset($_POST['admin'])) { + $values = [ + 'first_name' => $_POST['first_name'], + 'last_name' => $_POST['last_name'], + 'email' => $_POST['email'], + 'password' => password_hash($_POST['password'], PASSWORD_DEFAULT), + 'admin' => $_POST['admin'] + ]; + } + else { + $values = [ + 'first_name' => $_POST['first_name'], + 'last_name' => $_POST['last_name'], + 'email' => $_POST['email'], + 'password' => password_hash($_POST['password'], PASSWORD_DEFAULT), + 'admin' => 'n' + ]; + } + + $stmt->execute($values); + unset($_SESSION['admin_id']); + echo ''; +} +?> \ No newline at end of file diff --git a/public/admin/manageAdmins.php b/public/admin/manageAdmins.php new file mode 100644 index 0000000..b587c92 --- /dev/null +++ b/public/admin/manageAdmins.php @@ -0,0 +1,20 @@ +Admins
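Review bot: The UPDATE names a `:category_id` placeholder but `$values` never supplies it in either branch, so execute() fails (HY093, invalid parameter number) and no admin is ever edited; the `$_SESSION['admin_id']` saved from `$_GET['admin_id']` is the intended value. The statement also rewrites `password` on every submit, so leaving the field blank sets the account's password to `password_hash('')`, making the empty string a valid login; only include the password column when a value was posted. `'admin' => $_POST['admin']` stores whatever string the client sends—normalise to `isset($_POST['admin']) ? 'y' : 'n'`. Authorization is not visible in the stripped prologue, same caveat as addAdmin.php, and a request with no `$_SESSION['admin_id']` should be rejected rather than run the query.
```php
else if (isset($_POST['submit']) && isset($_SESSION['admin_id'])) {
    $pdo = startDB();
    $values = [
        'first_name' => $_POST['first_name'],
        'last_name' => $_POST['last_name'],
        'email' => $_POST['email'],
        'admin' => isset($_POST['admin']) ? 'y' : 'n',
        'category_id' => $_SESSION['admin_id'],
    ];
    $sql = 'UPDATE users SET first_name= :first_name, last_name= :last_name, email= :email, admin= :admin';
    // Only touch the password when the form actually supplied one.
    if (($_POST['password'] ?? '') !== '') {
        $sql .= ', password= :password';
        $values['password'] = password_hash($_POST['password'], PASSWORD_DEFAULT);
    }
    $stmt = $pdo->prepare($sql . ' WHERE user_id= :category_id');
    $stmt->execute($values);
    // … unchanged: unset($_SESSION['admin_id']); redirect …
```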
    Add +'; + +require '../../layout.php'; + +function populateContent() { + $output = ''; + $admins = getEveryAllMatches('users', 'admin', 'y'); + foreach ($admins as &$admin) { + $output .= '
  • '. $admin['first_name'].$admin['last_name'] . ' edit delete
  • '; + } + return $output; +} +?> \ No newline at end of file diff --git a/public/listing.php b/public/listing.php index e6c4dc8..c821c5a 100644 --- a/public/listing.php +++ b/public/listing.php @@ -23,7 +23,7 @@ else if (isset($_POST['reviewSubmit'])) { VALUES (:review_user, :review_date, :review_contents, :user_id)'); $values = [ 'review_user' => $_SESSION['loggedin'], - 'review_date' => date('Y-m-d'), + 'review_date' => date('Y-m-d H:i:s'), 'review_contents' => $_POST['reviewtext'], 'user_id' => $user['user_id'] ]; @@ -90,7 +90,7 @@ function getReviews($user_id) { $output = ''; foreach ($reviews as &$review) { $user = getFirstAllMatches('users', 'user_id', $review['review_user']); - $output .= '
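Review bot: Admin first and last names are concatenated into the list markup unescaped; these fields come straight from `$_POST` in addUser() and editAdmin.php, so a name containing markup executes in every admin's browser on this page. Escape them, `htmlspecialchars($admin['first_name'] . $admin['last_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. The edit/delete hrefs are stripped in this view; if delete is a plain GET link it is the CSRF target noted for deleteAdmin.php. `foreach ($admins as &$admin)` needs no reference; use `as $admin`.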
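Review bot: `date('Y-m-d H:i:s')` stamps the review in the server's default timezone, so the stored value is ambiguous once the host moves or DST shifts; use `gmdate('Y-m-d H:i:s')` and treat the column as UTC, or `(new DateTimeImmutable('now', new DateTimeZone('UTC')))->format('Y-m-d H:i:s')`. The adjacent `$_POST['reviewtext']` is stored with no empty or length check, and it is the same raw value that userReviews.php and getReviews() print unescaped. The enclosing `else if (isset($_POST['reviewSubmit']))` block starts before the hunk.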
  • '.$user['first_name'].$user['last_name'].' said '.$review['review_contents'].' '. $review['review_date'] .'
  • '; + $output .= '
  • '.$user['first_name'].$user['last_name'].' said '.$review['review_contents'].' '. $review['review_date'] .'
  • '; } return $output; diff --git a/public/search.php b/public/search.php new file mode 100644 index 0000000..010eee5 --- /dev/null +++ b/public/search.php @@ -0,0 +1,34 @@ + Search Results +'; + +require '../layout.php'; + +function populateResults() { + $output = ''; + $pdo = startDB(); + $stmt = $pdo->prepare('SELECT * FROM auction WHERE title LIKE "%'.$_GET['search'].'%"'); + $stmt->execute(); + $listings = $stmt->fetchAll(); + + foreach ($listings as &$listing) { + $listCat = getFirstAllMatches('category', 'category_id', $listing['categoryId'])['name']; + $bid = getFirstMatch('bids','MAX(amount)', 'listing_id', $listing['listing_id']); + + $output .= '
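Review bot: getReviews() prints `$user['first_name']`, `$user['last_name']` and `$review['review_contents']` without escaping, so a review body is a stored XSS sink for every visitor to the listing; wrap each in `htmlspecialchars(…, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`. It also assumes getFirstAllMatches() found the reviewer, whereas userReviews.php in this same commit handles a false result with a "Deleted" label—add the same `if (!$user)` branch here so a deleted reviewer does not produce warnings. The markup change itself is stripped in this view, and the function starts before the hunk. `foreach ($reviews as &$review)` again takes an unnecessary reference.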
  • + product name +
    +

    '. $listing['title'] .'

    +

    '. $listing['categoryId'] .'

    +

    '. $listing['description'] .'

    +

    Current bid:'. $bid['MAX(amount)'] .'

    + More >> +
    +
  • '; + } + + return $output; +} \ No newline at end of file diff --git a/todo.txt b/todo.txt deleted file mode 100644 index 29fb0f8..0000000 --- a/todo.txt +++ /dev/null @@ -1 +0,0 @@ -//TODO: userReviews, addAdmin, manageAdmin, search \ No newline at end of file