diff --git a/api/v1/get/application.php b/api/v1/get/application.php
index 4504962..0a663ff 100644
--- a/api/v1/get/application.php
+++ b/api/v1/get/application.php
@@ -179,9 +179,9 @@ switch ($action) {
 case 'geolocation':
 if ($whereclause == ''){
- $whereclause = 'WHERE geolocation is not null OR geolocation != "["",""]"';
+ $whereclause = 'WHERE geolocation is not null AND geolocation != \'["",""]\'';
 } else {
- $whereclause .= ' AND geolocation is not null OR geolocation != "["",""]';
+ $whereclause .= ' AND geolocation is not null AND geolocation != \'["",""]\'';
 }
 $sql = 'SELECT distinct(geolocation) FROM equipment e '.$whereclause.'';
diff --git a/api/v1/post/equipments.php b/api/v1/post/equipments.php
index 198012c..1765a60 100644
--- a/api/v1/post/equipments.php
+++ b/api/v1/post/equipments.php
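Review bot: The new filter on both `$whereclause` branches excludes only the exact string `["",""]`, so any other empty encoding of the column (`[]`, `""`, or the same pair with different spacing) still reaches the `SELECT distinct(geolocation)`; whether such values exist depends on the writer in api/v1/post/equipments.php, which this hunk does not show. The sentinel is also spelled out four times across this file and api/v2/get/application.php, and the two branches differ only in the `WHERE`/` AND ` prefix; hoisting it once keeps both branches and both API versions in step: `$geo_filter = 'geolocation IS NOT NULL AND geolocation != \'["",""]\'';` followed by `$whereclause = ($whereclause === '' ? 'WHERE ' : $whereclause.' AND ').$geo_filter;`. The `switch ($action)` case continues outside the hunk.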
@@ -217,18 +217,18 @@ $clause_insert = substr($clause_insert, 2); //Clean clause - remove first comma
 $input_insert = substr($input_insert, 1); //Clean clause - remove first comma
 //QUERY AND VERIFY ALLOWED
-if ($command == 'update' && (isAllowed('equipment_manage',$profile,$permission,'U') === 1 || isAllowed('equipments_mass_update',$profile,$permission,'U') === 1 || $owner_equipment === 1)){
+if ($command == 'update' && (isAllowed('equipment',$profile,$permission,'U') === 1 || isAllowed('equipments_mass_update',$profile,$permission,'U') === 1 || $owner_equipment === 1)){
 $sql = 'UPDATE equipment SET '.$clause.' WHERE rowID = ? '.$whereclause.'';
 $execute_input[] = $id;
 $stmt = $pdo->prepare($sql);
 $stmt->execute($execute_input);
 }
-elseif ($command == 'insert' && isAllowed('equipment_manage',$profile,$permission,'C') === 1){
+elseif ($command == 'insert' && isAllowed('equipment',$profile,$permission,'C') === 1){
 $sql = 'INSERT INTO equipment ('.$clause_insert.') VALUES ('.$input_insert.')';
 $stmt = $pdo->prepare($sql);
 $stmt->execute($execute_input);
 }
-elseif ($command == 'delete' && (isAllowed('equipment_manage',$profile,$permission,'D') === 1 || $owner_equipment === 1)){
+elseif ($command == 'delete' && (isAllowed('equipment',$profile,$permission,'D') === 1 || $owner_equipment === 1)){
 //delete equipment
 $stmt = $pdo->prepare('DELETE FROM equipment WHERE rowID = ? '.$whereclause.'');
 $stmt->execute([ $id ]);
diff --git a/api/v2/get/application.php b/api/v2/get/application.php
index dd01c42..7fefbc5 100644
--- a/api/v2/get/application.php
+++ b/api/v2/get/application.php
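Review bot: The permission key on all three `isAllowed` calls moves from `equipment_manage` to `equipment` with no visible migration of stored grants, so a profile whose create/update/delete rights were recorded under `equipment_manage` loses them here, while a profile that only held `equipment` under the old scheme gains them; the same key is what equipment_manage.php's `$page` and equipments.php's `$page_manage` now resolve to, so the two formerly separate authorization scopes are merged. If the grant data is migrated elsewhere in this change, a comment above the chain naming that would make the dependency explicit, e.g. `// Permission key is 'equipment' (was 'equipment_manage'); stored grants must carry the new key`. The same rename appears in api/v2/post/equipments.php, equipment_manage.php and equipments.php. The if/elseif chain continues past the hunk.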
@@ -179,9 +179,9 @@ switch ($action) {
 case 'geolocation':
 if ($whereclause == ''){
- $whereclause = 'WHERE geolocation is not null OR geolocation != "["",""]"';
+ $whereclause = 'WHERE geolocation is not null AND geolocation != \'["",""]\'';
 } else {
- $whereclause .= ' AND geolocation is not null OR geolocation != "["",""]';
+ $whereclause .= ' AND geolocation is not null AND geolocation != \'["",""]\'';
 }
 $sql = 'SELECT distinct(geolocation) FROM equipment e '.$whereclause.'';
diff --git a/api/v2/post/equipments.php b/api/v2/post/equipments.php
index 9057ddb..bca84a5 100644
--- a/api/v2/post/equipments.php
+++ b/api/v2/post/equipments.php
@@ -224,18 +224,18 @@ $clause_insert = substr($clause_insert, 2); //Clean clause - remove first comma
 $input_insert = substr($input_insert, 1); //Clean clause - remove first comma
 //QUERY AND VERIFY ALLOWED
-if ($command == 'update' && (isAllowed('equipment_manage',$profile,$permission,'U') === 1 || isAllowed('equipments_mass_update',$profile,$permission,'U') === 1 || $owner_equipment === 1)){
+if ($command == 'update' && (isAllowed('equipment',$profile,$permission,'U') === 1 || isAllowed('equipments_mass_update',$profile,$permission,'U') === 1 || $owner_equipment === 1)){
 $sql = 'UPDATE equipment SET '.$clause.' WHERE rowID = ? '.$whereclause.'';
 $execute_input[] = $id;
 $stmt = $pdo->prepare($sql);
 $stmt->execute($execute_input);
 }
-elseif ($command == 'insert' && isAllowed('equipment_manage',$profile,$permission,'C') === 1){
+elseif ($command == 'insert' && isAllowed('equipment',$profile,$permission,'C') === 1){
 $sql = 'INSERT INTO equipment ('.$clause_insert.') VALUES ('.$input_insert.')';
 $stmt = $pdo->prepare($sql);
 $stmt->execute($execute_input);
 }
-elseif ($command == 'delete' && (isAllowed('equipment_manage',$profile,$permission,'D') === 1 || $owner_equipment === 1)){
+elseif ($command == 'delete' && (isAllowed('equipment',$profile,$permission,'D') === 1 || $owner_equipment === 1)){
 //delete equipment
 $stmt = $pdo->prepare('DELETE FROM equipment WHERE rowID = ? '.$whereclause.'');
 $stmt->execute([ $id ]);
diff --git a/api/v2/post/user_role_assignments.php b/api/v2/post/user_role_assignments.php
index 06977a0..851ea02 100644
--- a/api/v2/post/user_role_assignments.php
+++ b/api/v2/post/user_role_assignments.php
@@ -48,11 +48,11 @@ if (isset($post_content['batch_update']) && isset($post_content['user_id']) && i
 if ($existing){
 //Reactivate existing assignment
 $stmt = $pdo->prepare('UPDATE user_role_assignments SET is_active = 1, assigned_by = ?, assigned_at = ?, updatedby = ?, updated = ? WHERE rowID = ?');
- $stmt->execute([$username, $date, $username, $date, $existing['rowID']]);
+ $stmt->execute([$username, $date, $username, $date, $$username]);
 } else {
 //Create new assignment
 $stmt = $pdo->prepare('INSERT INTO user_role_assignments (user_id, role_id, is_active, assigned_by, assigned_at, created, createdby) VALUES (?, ?, 1, ?, ?, ?, ?)');
- $stmt->execute([$user_id, $role_id, $username, $date, $date, $userkey]);
+ $stmt->execute([$user_id, $role_id, $username, $date, $date, $username]);
 }
 }
 }
diff --git a/api/v2/post/users.php b/api/v2/post/users.php
index 175e8f3..c8c1bc2 100644
--- a/api/v2/post/users.php
+++ b/api/v2/post/users.php
@@ -266,10 +266,17 @@ elseif ($command == 'insert' && isAllowed('user',$profile,$permission,'C') === 1
 $stmt = $pdo->prepare($sql);
 $stmt->execute($execute_input);
+ // Get the new user ID
+ $new_user_id = $pdo->lastInsertId();
+
 //STEP 2- Send to user
 $mail_location = (file_exists($_SERVER['DOCUMENT_ROOT'].'/custom/'.$domain.'/mail/email_template_new.php') ? $_SERVER['DOCUMENT_ROOT'].'/custom/'.$domain.'/mail/email_template_new.php' : './assets/mail/email_template_new.php');
 include_once $mail_location;
 send_mail($post_content['email'],$subject,$message,'','');
+
+ // Return the new user ID
+ $result = json_encode(['id' => (int)$new_user_id], JSON_UNESCAPED_UNICODE);
+ echo $result;
 } else {
 //------------------------------------------
 //JSON_ENCODE
diff --git a/equipment_manage.php b/equipment_manage.php
index c077f6e..8e8f031 100644
--- a/equipment_manage.php
+++ b/equipment_manage.php
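Review bot: `$$username` on the reactivation `execute` is a variable-variable: it reads whichever local variable happens to be named by the value of `$username` (normally none, which yields null plus an undefined-variable warning), so the value bound to `WHERE rowID = ?` is no longer the row looked up into `$existing` and the UPDATE matches nothing. It also means which variable of the current scope ends up in the query depends on runtime data rather than on the code, which is exactly what the prepared statement is meant to rule out. The line should bind the existing row as it did before: `$stmt->execute([$username, $date, $username, $date, $existing['rowID']]);`. The `createdby` change on the INSERT branch to `$username` looks intentional and matches `assigned_by`. The enclosing batch-update block starts outside the hunk.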
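Review bot: The `{"id":…}` reply is echoed only after `include_once $mail_location` and `send_mail(...)` have run, so anything those emit (a template that prints, a notice from the mail step) lands in front of the JSON body and breaks the caller's parse; reading `lastInsertId()` immediately after `execute` is right, but the echo belongs before the mail step or the mail step's output should be buffered. `json_encode` can also return `false`, which `echo` turns into an empty body; `json_encode(['id' => (int) $new_user_id], JSON_THROW_ON_ERROR | JSON_UNESCAPED_UNICODE)` makes that failure visible instead. Whether a `Content-Type: application/json` header is set on this path is outside the hunk.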
@@ -7,7 +7,7 @@ if (debug && debug_id == $_SESSION['authorization']['id']){
 error_reporting(E_ALL);
 }
-$page = 'equipment_manage';
+$page = 'equipment';
 $page_edit = 'equipment_manage_edit';
 //Check if allowed
 if (isAllowed($page,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'R') === 0){
diff --git a/equipments.php b/equipments.php
index 31af2bf..cc999d6 100644
--- a/equipments.php
+++ b/equipments.php
@@ -22,7 +22,7 @@ if (isAllowed($page,$_SESSION['authorization']['permissions'],$_SESSION['authori
 exit;
 }
 //PAGE Security
-$page_manage = 'equipment_manage';
+$page_manage = 'equipment';
 $update_allowed = isAllowed($page_manage ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'U');
 $delete_allowed = isAllowed($page_manage ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'D');
 $create_allowed = isAllowed($page_manage ,$_SESSION['authorization']['permissions'],$_SESSION['authorization']['permission'],'C');
diff --git a/index.php b/index.php
index 34fe8be..7792cb9 100644
--- a/index.php
+++ b/index.php
@@ -37,14 +37,14 @@ if (!isset($_SESSION['authorization']['id']) && isset($_SESSION['authorization']
 if (!empty($responses)){$responses = json_decode($responses,true);}else{$responses = null;}
 //STORE DATA IN SESSION
- if (is_array($responses) && !isset($responses['error'])) {
+ if (is_array($responses) && !isset($responses['error_code'])) {
 foreach($responses as $key => $value){
 $_SESSION['authorization'][$key] = $value;
 }
 } else {
- // API call failed or returned error - redirect to login
+ // API call failed or returned error - redirect to login with error message
 session_destroy();
- header('location: login.php');
+ header('location: login.php?error=session_expired');
 die();
 }
 }
diff --git a/login.php b/login.php
index db5d90b..64c0d34 100644
--- a/login.php
+++ b/login.php
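Review bot: In the index.php hunk the failure check now keys on `error_code` alone, so an API error body that carries `error` without `error_code` (the key this line tested before) passes the `is_array` guard and has every field copied into `$_SESSION['authorization']`, the record the rest of the application trusts for authorization. Unless every error path of the endpoint called above has been moved to `error_code`, test both keys: `if (is_array($responses) && !isset($responses['error']) && !isset($responses['error_code'])) {`. The redirect's `error=session_expired` value is consumed by login.php with a strict comparison, which is the right shape for a query-driven message. The enclosing `if (!isset($_SESSION['authorization']['id']) …)` block starts outside the hunk.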
@@ -53,6 +53,11 @@ $username = $password = '';
 $username_err = $password_err = '';
 $retry = 0;
+// Check for error parameter from redirects
+if (isset($_GET['error']) && $_GET['error'] === 'session_expired') {
+ $password_err = $password_err_2 ?? 'Session expired or invalid. Please login again.';
+}
+
 // Process submitted form data
 if ($_SERVER['REQUEST_METHOD'] === 'POST') {
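Review bot: `$password_err_2` is not assigned anywhere in the hunk, and `??` silently takes the literal whenever it is undefined, so unless a language file or earlier code in login.php defines it, the fallback is the only branch that ever runs and the `??` is dead. If a translatable message is intended, define `$password_err_2` before this block; otherwise use the literal directly: `$password_err = 'Session expired or invalid. Please login again.';`. The strict comparison against the fixed value `session_expired` is right, and only the fixed message is rendered, never the query value; a comment making that explicit, `// Only the fixed message is shown; $_GET['error'] is never echoed`, would keep a later edit from reflecting the parameter.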