diff --git a/db.php b/db.php
index d92651d..5958255 100644
--- a/db.php
+++ b/db.php
@@ -1,6 +1,6 @@
 <?php
 define("DB_HOST", "localhost");
-define("DB_USER", "ccah-user");
+define("DB_USER", "ccah_user");
 define("DB_PASS", "e_NQ,S^#sW6X:;nV!Uw.my");
 define("DB_NAME", "ccah_assessment");
 
@@ -8,4 +8,8 @@ $conn = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_NAME);
 if ($conn->connect_error) {
     die("Database connection failed: " . $conn->connect_error);
 }
+
+// Mark expired tokens
+$conn->query("UPDATE users SET expired = 1 WHERE expiry_date < NOW() AND expired = 0");
+
 ?>
diff --git a/submit.php b/submit.php
index e6def61..723a2aa 100644
--- a/submit.php
+++ b/submit.php
@@ -43,7 +43,7 @@ if (!$user) {
     exit;
 }
 // Check if token is expired
-if (strtotime($user['token_expires_at']) < time()) {
+if ($user['expired'] == 1) {
     http_response_code(403);
     echo json_encode(["error" => "Authentication token has expired."]);
     exit;