diff --git a/approveLogic.php b/approveLogic.php
index d748fa15f0894a7f059dc5a04b67e22a733e4c33..54acff3d859121372e7bac345ccc4269258fd6a0 100644
--- a/approveLogic.php
+++ b/approveLogic.php
@@ -22,8 +22,26 @@ if(!isset($_SESSION['id'])) {
     } 
 }
 
-$db->update('public_comments', $_GET['id'], ['is_approved' => 1]);
+$sql = 'SELECT * FROM public_comments 
+WHERE is_approved = 1 AND is_deleted = 0 AND is_denied = 0 AND userId = :id AND bookId = :bookId';
+$stmt = $db->conn->prepare($sql);
+$stmt->execute(['id' => $_SESSION['id'], 'bookId' => $_GET['bookId']]);
+$comments = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+// var_dump($comments);
+// die();
+
+if(count($comments) == 0) {
+    $db->update('public_comments', $_GET['id'], ['is_approved' => 1]);
+    $db->update('public_comments', $_GET['id'], ['is_denied' => 0]);
+    
+} else {
+    $_SESSION['error'] = 'Comment cannot be approved, user already has a comment on this book';
+}
+
 header('location: ./pending_comments.php');
-die();
+    die();
+ 
+
 
 ?>
\ No newline at end of file
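Review bot: The duplicate check binds `userId` to `$_SESSION['id']`, which at this point is the approving admin (judging by the guard above the hunk), not the author of the comment being approved, so it does not test what the error message describes. It also reads `$_GET['bookId']`, which the Approve link in pending_comments.php does not send, so from that page the query runs with a null bookId and never finds a match. Both values are safer taken from the comment row itself, looked up by `$_GET['id']`, as sketched below. The two `update()` calls could then become one call with both columns if `update()` accepts several keys (its body is not visible here). The commented-out `var_dump`/`die` lines should go before merge.

```php
// … unchanged: login and admin check …
$stmt = $db->conn->prepare('SELECT userId, bookId FROM public_comments WHERE id = :id');
$stmt->execute(['id' => $_GET['id']]);
$target = $stmt->fetch(PDO::FETCH_ASSOC);

if ($target === false) {
    $_SESSION['error'] = 'Comment not found';
    header('location: ./pending_comments.php');
    die();
}

$sql = 'SELECT id FROM public_comments
WHERE is_approved = 1 AND is_deleted = 0 AND is_denied = 0 AND userId = :userId AND bookId = :bookId';
$stmt = $db->conn->prepare($sql);
$stmt->execute(['userId' => $target['userId'], 'bookId' => $target['bookId']]);
// … unchanged: count() check, update, redirect …
```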
diff --git a/book.php b/book.php
index cd9c4d79a825350f844ba9f0d0e2fcc5bfad03af..bc22bfaca88870f20f75933f848b95c742f4f2c2 100644
--- a/book.php
+++ b/book.php
@@ -8,8 +8,35 @@ if($_SERVER['REQUEST_METHOD'] == 'GET') {
     $db = new Database(); 
     $db->connect();
 
-    $bookPublicComments = $db->selectAllBookComments($_GET['id']);
+    $sql = 'SELECT pc.id as commentId, pc.comment, u.fullName, pc.userId as commentUserId FROM public_comments pc JOIN users u on pc.userId = u.id
+            JOIN book b on pc.bookId = b.id
+            WHERE pc.bookId = :bookId AND pc.is_deleted = 0 AND pc.is_approved = 1';
+    $stmt = $db->conn->prepare($sql);
+    $stmt->execute(['bookId' => $_GET['id']]);
+    $bookPublicComments = $stmt->fetchAll(PDO::FETCH_ASSOC);
     
+    if(isset($_SESSION["id"])) {
+
+        //here we are selecting private notes for specific user
+        
+        $sql = 'SELECT * FROM private_notes pn JOIN users u on pn.userId = u.id
+            JOIN book b on pn.bookId = b.id
+            WHERE pn.userId = :userId AND pn.bookId = :bookId AND pn.is_deleted = 0';
+        $stmt = $db->conn->prepare($sql);
+        $stmt->execute(['userId' => $_SESSION['id'], 'bookId' => $_GET['id']]);
+        $notes = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+        //here we are selecting pending comments for specific user
+    
+        $sql = 'SELECT pc.id as commentId, pc.comment, u.fullName FROM public_comments pc JOIN users u on pc.userId = u.id
+                JOIN book b on pc.bookId = b.id
+                WHERE pc.bookId = :bookId AND pc.is_deleted = 0 AND pc.is_approved = 0 and pc.userId = :userId AND pc.is_denied = 0';
+        $stmt = $db->conn->prepare($sql);
+        $stmt->execute(['bookId' => $_GET['id'], 'userId' => $_SESSION['id']]);
+        $bookPendingComment = $stmt->fetchAll(PDO::FETCH_ASSOC);
+        
+    }
+
 }
 
 ?>
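Review bot: The private-notes query uses `SELECT *` across a join with `users` and `book`, so every `users` column (presumably including credential fields) is loaded into `$notes` although the page only prints `note`. With `PDO::FETCH_ASSOC` the duplicate column names (`id`, `is_deleted`) also overwrite one another in each row. Selecting only what is rendered avoids both: `SELECT pn.id AS noteId, pn.note FROM private_notes pn WHERE pn.userId = :userId AND pn.bookId = :bookId AND pn.is_deleted = 0`. The `if($_SERVER['REQUEST_METHOD'] == 'GET')` block starts above the hunk.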
@@ -32,6 +59,7 @@ if($_SERVER['REQUEST_METHOD'] == 'GET') {
     <title>Document</title>
 </head>
 <body>
+
 <?php
 
 if(isset($_SESSION["success"])) {
@@ -47,12 +75,20 @@ if(isset($_SESSION["error"])) {
     unset($_SESSION["error"]);
 }
 
+//edit your comments section
+// 
+
 foreach($bookPublicComments as $comment){
-    if($comment['is_deleted'] == 0 && $comment['is_approved'] == 1) {
-        echo "<p>$comment[comment]</p>";
-    }
+        echo "<div class='d-flex'>
+        <p>{$comment['fullName']} says: {$comment['comment']}</p>";
+        if($comment['commentUserId'] == $_SESSION['id']) {
+            echo "<a href='./delete_comment.php?id={$comment['commentId']}&bookId={$_GET['id']}' class='btn btn-outline-dark hover-effect'>Delete</a>";
+        }
+        echo "</div>";
 }
 
+////////////////////////////////
+
 if(isset($_SESSION['id'])){
     $user = $db->selectById("users", $_SESSION['id']);
     echo "<form action='./comment_logic.php' method='POST'>
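Review bot: `fullName`, `comment` and `$_GET['id']` are interpolated into HTML without escaping in the `foreach($bookPublicComments ...)` loop, so a stored comment or a crafted `id` parameter is rendered as markup. Escape each value at output, e.g. `htmlspecialchars($comment['comment'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and cast or `urlencode()` the ids placed in `href`. The same applies to the notes and pending-comment output in the next hunk of this file and to the table rows in denied_comments.php and pending_comments.php, which are rendered in an admin session. Separately, `$comment['commentUserId'] == $_SESSION['id']` also runs for anonymous visitors; guard it with `isset($_SESSION['id']) &&`. The `if(isset($_SESSION['id']))` block at the end of the hunk continues outside it.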
@@ -61,6 +97,24 @@ if(isset($_SESSION['id'])){
         <input type='text' class='form-control' name='comment'>
         <button type='submit' class='btn btn-outline-dark hover-effect'>Comment</button>
     </form>";
+
+    foreach($notes as $note) {
+        echo "<p>$note[note]</p>";
+    }
+
+    echo "<form action='./notes_logic.php' method='POST'>
+        <input type='hidden' name='bookId' value='{$_GET['id']}'>
+        <input type='hidden' name='userId' value='{$user['id']}'>
+        <input type='text' class='form-control' name='note'>
+        <button type='submit' class='btn btn-outline-dark hover-effect'>Note</button>
+    </form>";
+
+    foreach($bookPendingComment as $comment){
+        echo "<div class='d-flex'>
+        <p>Your pending comment : {$comment['comment']}</p>
+        <a href='./removeCommentFromPendingList.php?id={$comment['commentId']}&bookId={$_GET['id']}' class='btn btn-outline-dark hover-effect'>Remove</a>
+        </div>";
+    }
 }
 
 ?>
diff --git a/book_crud.php b/book_crud.php
index 8abdfcadd88dd3b88549c6621c6084707de131a9..f4e72a8fce412fc8d54d837b726a2c5aec8ba644 100644
--- a/book_crud.php
+++ b/book_crud.php
@@ -37,6 +37,7 @@ $allBooks = $db->select("book");
       integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH"
       crossorigin="anonymous"
     />
+    <link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.min.css">
     <link rel="stylesheet" href="./style.css" />
     <title>Document</title>
 </head>
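Review bot: The new SweetAlert2 stylesheet is loaded from jsDelivr with a floating `@11` tag and no `integrity`/`crossorigin`, unlike the Bootstrap link directly above it. The `<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11">` tag added in the last hunk of this file has the same gap and matters more, because it executes on a page that can delete books; the Tailwind script tag in denied_comments.php is also loaded without integrity. Pin an exact version and add `integrity="sha384-<hash of the pinned file>" crossorigin="anonymous"`, or serve the files locally. The stylesheet is also linked a second time inside `<body>` in that last hunk; one `<link>` in `<head>` is enough.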
@@ -61,30 +62,24 @@ $allBooks = $db->select("book");
         <a href="./addBookForm.php" class="btn btn-outline-dark hover-effect">Add</a>
     </div>
     <div class="table-wrapper">
-        <table class="table">
+            <table class="table">
             <thead>
                 <tr>
                     <th scope="col">Book name</th>
                     <th scope='col' class="text-center">Action</th>
                 </tr>
-            
             </thead>
             <tbody class='table-group-divider'>
                 <?php 
-
                 foreach ($allBooks as $book) {
                     if($book['is_deleted'] == 0) {
                         echo "
                         <tr>
                             <td>{$book['title']}</td>
                             <td class='d-flex gap-3 justify-center'>
-                                <form action='./deleteLogic.php' method='POST'>
-                                    <input type='text' name='tableName' value='book' hidden>
-                                    <input type='text' name='id' value='{$book['id']}' hidden>
-                                    <button class='btn btn-outline-dark hover-effect'>Delete</button>
-                                </form>
-
+                                <button class='btn btn-outline-dark hover-effect delete-btn'>Delete</button>
                                 <a href='./editBookForm.php?id={$book['id']}' class='btn btn-outline-dark hover-effect'>Edit</a>
+                                <input type='hidden' class='book-id' value='{$book['id']}'>
                             </td>
                         </tr>
                         ";
@@ -101,5 +96,9 @@ $allBooks = $db->select("book");
         <p>Brainster Library</p>
     </div>
  </div>
+
+<link rel="stylesheet" href="https://cdn.jsdelivr.net/npm/sweetalert2@11/dist/sweetalert2.min.css">
+<script src="https://cdn.jsdelivr.net/npm/sweetalert2@11"></script>
+ <script src="./deleteBook.js"></script>
 </body>
 </html>
\ No newline at end of file
diff --git a/comment_logic.php b/comment_logic.php
index 1beac7dc87b638edc4b2091c1859b7a13825e91e..44b51b2e09079ed0b4941c87364b1d75326d9f03 100644
--- a/comment_logic.php
+++ b/comment_logic.php
@@ -6,8 +6,27 @@ if($_SERVER['REQUEST_METHOD'] != 'POST') {
     die();
 }
 
+require_once 'config.php';
 session_start();
 
+$db = new Database();
+$db->connect();
+
+$sql = 'SELECT * FROM public_comments WHERE userId = :id AND bookId = :bookId AND is_deleted = 0 AND is_denied = 0';
+$stmt = $db->conn->prepare($sql);
+$stmt->execute(['id' => $_POST['userId'], 'bookId' => $_POST['bookId']]);
+$comment = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+
+if(count($comment) > 0) {
+
+    $_SESSION['error'] = 'You have already commented on this book or your comment is on admin review';
+    header('location: ./book.php?id='.$_POST['bookId']);
+    die();
+
+}
+
+
 if(strlen(trim($_POST['comment'])) == 0) {
 
     $_SESSION['error'] = 'Comment cannot be empty';
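Review bot: The duplicate-comment check trusts `$_POST['userId']`, so a client that changes the hidden field is checked (and, via `$data = $_POST` further down, stored) as a different user. Take the identity from the session instead, `$stmt->execute(['id' => $_SESSION['id'], 'bookId' => $_POST['bookId']]);`, and redirect when `$_SESSION['id']` is not set, since no login check is visible in this file's hunks. `$_POST['bookId']` is also concatenated into the `location:` header; casting it with `(int)` keeps the redirect target well-formed.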
@@ -15,10 +34,7 @@ if(strlen(trim($_POST['comment'])) == 0) {
     die();
 }
 
-require_once 'config.php';
 
-$db = new Database();
-$db->connect();
 
 $data = $_POST;
 $data['is_deleted'] = 0;
diff --git a/config.php b/config.php
index 936c0ab16d55249bc0ee24d2916a8c515323f913..380fc13631343fc93db8935f9d13afa5201cedf5 100644
--- a/config.php
+++ b/config.php
@@ -44,13 +44,6 @@ class Database {
         return $stmt->fetch(PDO::FETCH_ASSOC);
     }
 
-    public function selectAllBookComments($bookId){
-        $sql = "SELECT * FROM public_comments WHERE bookId = :bookId";
-        $stmt = $this->conn->prepare($sql);
-        $stmt->execute(['bookId' => $bookId]);
-        return $stmt->fetchAll(PDO::FETCH_ASSOC);
-    }
-
     public function login($id) {
         $sql = 'UPDATE users SET is_logged = 1 WHERE id = :id';
         $stmt = $this->conn->prepare($sql);
@@ -67,6 +60,8 @@ class Database {
         $sql = "UPDATE $tableName SET is_deleted = 1 WHERE id = :id";
         $stmt = $this->conn->prepare($sql);
         $stmt->execute(['id' => $id]);
+
+        return;
     }
 
     public function update($tableName, $id, $data) {
@@ -102,6 +97,12 @@ class Database {
         $stmt->execute();
         return $stmt->fetchAll(PDO::FETCH_ASSOC);
     }
+
+    public function deleteAllBookData($tableName, $bookId){
+        $sql = "UPDATE $tableName SET is_deleted = 1 WHERE bookId = :bookId";
+        $stmt = $this->conn->prepare($sql);
+        $stmt->execute(['bookId' => $bookId]);
+    }
 }
 
 ?>
\ No newline at end of file
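Review bot: `deleteAllBookData()` interpolates `$tableName` straight into the SQL string; only `:bookId` is bound. The callers in this commit pass literals, but nothing in the method stops a later caller from passing request data. An allow-list at the top closes that: `if (!in_array($tableName, ['public_comments', 'private_notes'], true)) { throw new InvalidArgumentException('Unknown table'); }`. The existing `delete()` shown as context in the previous hunk builds its query the same way. A short docblock stating that the method soft-deletes every row of `$tableName` for the given book would also help.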
diff --git a/deleteBook.js b/deleteBook.js
new file mode 100644
index 0000000000000000000000000000000000000000..064a19adcbfc5a530fb642dae7a2e78ed967a41d
--- /dev/null
+++ b/deleteBook.js
@@ -0,0 +1,34 @@
+document.addEventListener("DOMContentLoaded", () => {
+  const deleteButtons = document.querySelectorAll(".delete-btn");
+
+  deleteButtons.forEach((button) => {
+    button.addEventListener("click", () => {
+      const row = button.closest("tr");
+      const bookId = row.querySelector(".book-id").value.trim();
+      deleteBook(bookId);
+    });
+  });
+});
+
+function deleteBook(bookId) {
+  Swal.fire({
+    title: "Are you sure?",
+    text: "You won't be able to revert this!",
+    icon: "warning",
+    showCancelButton: true,
+    confirmButtonColor: "#3085d6",
+    cancelButtonColor: "#d33",
+    confirmButtonText: "Yes, delete it!",
+  }).then((result) => {
+    if (result.isConfirmed) {
+      fetch("softDeleteBook.php", {
+        method: "POST",
+        headers: {
+          "Content-Type": "application/json",
+        },
+        body: JSON.stringify({ id: bookId }),
+      });
+      location.reload();
+    }
+  });
+}
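Review bot: `location.reload()` runs immediately after `fetch()` is started, so the page may navigate away before the request completes and a failed delete is never noticed. Reload from the promise instead, `.then((res) => { if (res.ok) location.reload(); })`, with a `.catch()` that shows an error dialog. The request also carries no anti-CSRF token; once softDeleteBook.php checks one, it would be sent here in the JSON body or a request header.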
diff --git a/delete_comment.php b/delete_comment.php
new file mode 100644
index 0000000000000000000000000000000000000000..739d1212701c48ac83a8548258a937558a1b9790
--- /dev/null
+++ b/delete_comment.php
@@ -0,0 +1,24 @@
+<?php 
+
+require_once './config.php';
+session_start();
+
+$db = new Database();
+$db->connect();
+
+//checking if the user is logged in
+if(!isset($_SESSION['id'])) {
+    
+    header('location: ./index.php');
+    die();
+
+}
+
+$db->delete('public_comments', $_GET['id']);
+$_SESSION['success'] = 'Comment deleted successfully';
+
+header('location: ./book.php?id='.$_GET['bookId']);
+die();
+
+
+?>
\ No newline at end of file
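Review bot: Any logged-in user can soft-delete any comment here, because the only check is `isset($_SESSION['id'])` and `$db->delete()` is keyed on `$_GET['id']` alone. Scope the statement to the owner, for example `$stmt = $db->conn->prepare('UPDATE public_comments SET is_deleted = 1 WHERE id = :id AND userId = :userId');` followed by `$stmt->execute(['id' => $_GET['id'], 'userId' => $_SESSION['id']]);`, and set the success message only when `$stmt->rowCount()` is 1. `$_GET['bookId']` goes into the redirect unvalidated; an `(int)` cast is enough.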
diff --git a/denied_comments.php b/denied_comments.php
new file mode 100644
index 0000000000000000000000000000000000000000..c3701ea1733690485e9b14465bee5f346c36a194
--- /dev/null
+++ b/denied_comments.php
@@ -0,0 +1,76 @@
+<?php
+
+require_once './config.php';
+session_start();
+
+$db = new Database();
+$db->connect();
+
+//checking if the user is logged in
+if(!isset($_SESSION['id'])) {
+    
+    header('location: ./index.php');
+    die();
+
+} else {
+    //if user is logged in, check if he is an admin
+    $user = $db->selectById("users", $_SESSION['id']);
+
+    if($user['is_admin'] == 0) {
+        header('location: ./index.php');
+        die();
+    } 
+}
+
+$sql = 'SELECT users.fullName,public_comments.id as commentId, public_comments.comment, public_comments.is_approved,  public_comments.is_deleted,  public_comments.is_denied, book.title, book.id as bookId
+ FROM users JOIN public_comments ON users.id = public_comments.userId
+ JOIN book ON public_comments.bookId = book.id
+ WHERE public_comments.is_denied = 1';
+$stmt = $db->conn->prepare($sql);
+$stmt->execute();
+$allComments = $stmt->fetchAll(PDO::FETCH_ASSOC);
+
+?>
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <script src="https://cdn.tailwindcss.com"></script>
+    <link
+      href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css"
+      rel="stylesheet"
+      integrity="sha384-QWTKZyjpPEjISv5WaRU9OFeRpok6YctnYmDr5pNlyT2bRjXh0JMhjY6hW+ALEwIH"
+      crossorigin="anonymous"
+    />
+    <link rel="stylesheet" href="./style.css" />
+    <title>Document</title>
+</head>
+<body>
+    <table>
+        <thead>
+            <tr>
+                <th scope="col">Comment</th>
+                <th scope="col">User</th>
+                <th scope="col">Book</th>
+                <th scope="col">Action</th>
+            </tr>
+        </thead>
+        <tbody>
+        <?php
+            foreach ($allComments as $comment) {
+                echo "<tr>
+                    <td>{$comment['comment']}</td>
+                    <td>{$comment['fullName']}</td>
+                    <td>{$comment['title']}</td>
+                    <td>
+                        <a href='./approveLogic.php?id={$comment['commentId']}&bookId={$comment['bookId']}' class='btn btn-outline-dark hover-effect'>Approve</a>
+                    </td>
+                </tr>";
+            }
+        ?>
+        </tbody>
+    </table>
+</body>
+</html>
\ No newline at end of file
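Review bot: The login-plus-admin guard at the top is a copy of the block in removeCommentFromPendingList.php (and, judging by the hunk context, approveLogic.php and denyLogic.php), while softDeleteBook.php in this same commit has none. A single helper in config.php, e.g. `requireAdmin(Database $db): void`, called as the first statement of every admin script would keep the check from being forgotten. `$user['is_admin'] == 0` also relies on loose comparison when `selectById()` returns `false`; an explicit `if (!$user || (int) $user['is_admin'] !== 1)` states the intent.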
diff --git a/denyLogic.php b/denyLogic.php
index 9c08a85bf6928561959098854968c5d8870464ba..b14991e22f4be6578275354c69dc4a9a684b8ae9 100644
--- a/denyLogic.php
+++ b/denyLogic.php
@@ -23,6 +23,7 @@ if(!isset($_SESSION['id'])) {
 }
 
 $db->update('public_comments', $_GET['id'], ['is_denied' => 1]);
+$db->update('public_comments', $_GET['id'], ['is_approved' => 0]);
 header('location: ./pending_comments.php');
 die();
 
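Review bot: Denying a comment now takes two separate UPDATE statements, so a failure between them leaves the row both approved and denied. If `update()` accepts several columns in `$data` (its body is not visible in this diff), one call does it in a single statement: `$db->update('public_comments', $_GET['id'], ['is_denied' => 1, 'is_approved' => 0]);`. The same pair of calls appears in approveLogic.php.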
diff --git a/notes_logic.php b/notes_logic.php
new file mode 100644
index 0000000000000000000000000000000000000000..3e5f6f2cfe351a2a11d4ef432d266cc34e69c6fc
--- /dev/null
+++ b/notes_logic.php
@@ -0,0 +1,33 @@
+<?php 
+
+if($_SERVER['REQUEST_METHOD'] != 'POST') {
+    
+    header('location: ./index.php');
+    die();
+    
+}
+
+session_start();
+
+if(strlen(trim($_POST['note'])) == 0) {
+
+    $_SESSION['error'] = 'Yout note cannot be empty';
+    header('location: ./book.php?id='.$_POST['bookId']);
+    die();
+}
+
+require_once 'config.php';
+
+$db = new Database();
+$db->connect();
+
+$data = $_POST;
+$data['is_deleted'] = 0;
+
+$db->insert('private_notes', $data);
+$_SESSION['success'] = 'Note has been successfully added';
+header('location: ./book.php?id='.$_POST['bookId']);
+die();
+
+
+?>
\ No newline at end of file
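Review bot: There is no login check before the insert, and `$data = $_POST` hands every posted key to `insert()`, including the hidden `userId` field from the form in book.php, so the note's owner and any other column are chosen by the client. Build the row explicitly from the session and the two expected fields, as below. The message `'Yout note cannot be empty'` has a typo ('Your').

```php
session_start();

if (!isset($_SESSION['id'])) {
    header('location: ./index.php');
    die();
}

// … unchanged: empty-note check, config include, Database connect …

$data = [
    'bookId'     => (int) $_POST['bookId'],
    'userId'     => $_SESSION['id'],
    'note'       => trim($_POST['note']),
    'is_deleted' => 0,
];
```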
diff --git a/pending_comments.php b/pending_comments.php
index d1e23e19170b2a5bf846b7a9ee493690b3742bc8..28303ab603c7fe32e32adfca46a64d2ec770f7e6 100644
--- a/pending_comments.php
+++ b/pending_comments.php
@@ -24,7 +24,8 @@ if(!isset($_SESSION['id'])) {
 
 $sql = 'SELECT users.fullName,public_comments.id as commentId, public_comments.comment, public_comments.is_approved,  public_comments.is_deleted,  public_comments.is_denied, book.title
  FROM users JOIN public_comments ON users.id = public_comments.userId
- JOIN book ON public_comments.bookId = book.id';
+ JOIN book ON public_comments.bookId = book.id
+ WHERE public_comments.is_approved = 0 AND public_comments.is_deleted = 0 AND public_comments.is_denied = 0';
 $stmt = $db->conn->prepare($sql);
 $stmt->execute();
 $allComments = $stmt->fetchAll(PDO::FETCH_ASSOC);
@@ -47,6 +48,16 @@ $allComments = $stmt->fetchAll(PDO::FETCH_ASSOC);
     <title>Document</title>
 </head>
 <body>
+    <?php 
+    
+    if(isset($_SESSION['error'])) {
+        echo "<div class='alert alert-danger' role='alert'>
+            {$_SESSION['error']}
+        </div>";
+        unset($_SESSION['error']);
+    }
+    
+    ?>
     <table>
         <thead>
             <tr>
@@ -59,18 +70,16 @@ $allComments = $stmt->fetchAll(PDO::FETCH_ASSOC);
         <tbody>
         <?php
             foreach ($allComments as $comment) {
-                if($comment['is_approved'] == 0 && $comment['is_deleted'] == 0 && $comment['is_denied'] == 0){
-                    echo "<tr>
-                        <td>{$comment['comment']}</td>
-                        <td>{$comment['fullName']}</td>
-                        <td>{$comment['title']}</td>
-                        <td>
-                            <a href='./approveLogic.php?id={$comment['commentId']}' class='btn btn-outline-dark hover-effect'>Approve</a>
-                            <a href='./denyLogic.php?id={$comment['commentId']}' class='btn btn-outline-dark hover-effect'>Deny</a>
-                        </td>
-                    </tr>";
+                echo "<tr>
+                    <td>{$comment['comment']}</td>
+                    <td>{$comment['fullName']}</td>
+                    <td>{$comment['title']}</td>
+                    <td>
+                        <a href='./approveLogic.php?id={$comment['commentId']}' class='btn btn-outline-dark hover-effect'>Approve</a>
+                        <a href='./denyLogic.php?id={$comment['commentId']}' class='btn btn-outline-dark hover-effect'>Deny</a>
+                    </td>
+                </tr>";
                 }
-            }
         ?>
         </tbody>
     </table>
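Review bot: Approve and Deny remain plain GET links, so the state change can be triggered by any URL the admin's browser loads while the session is active. Render them as small POST forms carrying a per-session token and have approveLogic.php and denyLogic.php compare it with `hash_equals()` before updating. The Delete and Remove links added in book.php (delete_comment.php, removeCommentFromPendingList.php) have the same shape. The closing brace left after the `echo` is now indented one level too deep.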
diff --git a/removeCommentFromPendingList.php b/removeCommentFromPendingList.php
new file mode 100644
index 0000000000000000000000000000000000000000..08eecb78282a7e08b52b3fe81f76c895f8e1decd
--- /dev/null
+++ b/removeCommentFromPendingList.php
@@ -0,0 +1,31 @@
+<?php 
+
+require_once './config.php';
+session_start();
+
+$db = new Database();
+$db->connect();
+
+//checking if the user is logged in
+if(!isset($_SESSION['id'])) {
+    
+    header('location: ./index.php');
+    die();
+
+} else {
+    //if user is logged in, check if he is an admin
+    $user = $db->selectById("users", $_SESSION['id']);
+
+    if($user['is_admin'] == 0) {
+        header('location: ./index.php');
+        die();
+    } 
+}
+
+$db->delete('public_comments', $_GET['id']);
+$_SESSION['success'] = 'Comment deleted successfully';
+
+header('location: ./book.php?id=' . $_GET['bookId']);
+die();
+
+?>
\ No newline at end of file
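Review bot: This endpoint is admin-only, but the link to it in book.php is rendered for the author of a pending comment, so an ordinary user who clicks Remove is redirected to index.php and nothing is deleted. If authors are meant to withdraw their own pending comments, replace the admin check with an ownership condition on the update, `WHERE id = :id AND userId = :userId AND is_approved = 0`, bound to `$_SESSION['id']`. The `//if user is logged in, check if he is an admin` comment should then be updated to match.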
diff --git a/softDeleteBook.php b/softDeleteBook.php
new file mode 100644
index 0000000000000000000000000000000000000000..9d31ad325df16a4ca999a5c7c735dce9715a8f74
--- /dev/null
+++ b/softDeleteBook.php
@@ -0,0 +1,23 @@
+<?php
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+
+    session_start();
+
+    $data = json_decode(file_get_contents('php://input'), true);
+    $bookId = $data['id'];
+
+    require_once 'config.php';
+    $db = new Database();
+    $db->connect();
+
+    $db->delete('book', $bookId); 
+    $db->deleteAllBookData('public_comments', $bookId);
+    $db->deleteAllBookData('private_notes', $bookId);
+    $_SESSION['success'] = 'Book has been successfully deleted';
+    header('location: ./book_crud.php');
+    die();
+
+}
+
+?>
\ No newline at end of file
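Review bot: Nothing in this script checks who is calling it, so any client that can POST JSON to softDeleteBook.php soft-deletes the book together with all of its comments and notes. It presumably needs the same login-plus-admin gate the other admin scripts in this commit carry. `$data['id']` is also read without checking that the body decoded to an array with an integer id. A sketch of both checks follows; the `location:` redirect can go as well, since the caller is a `fetch()` that only needs a status code.

```php
// … unchanged: session_start(), config include, Database connect (moved above the body parsing) …

$user = isset($_SESSION['id']) ? $db->selectById('users', $_SESSION['id']) : false;
if (!$user || (int) $user['is_admin'] !== 1) {
    http_response_code(403);
    die();
}

$data = json_decode(file_get_contents('php://input'), true);
$bookId = filter_var(is_array($data) ? ($data['id'] ?? null) : null, FILTER_VALIDATE_INT);
if ($bookId === false) {
    http_response_code(400);
    die();
}

// … unchanged: delete() and deleteAllBookData() calls …
```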