diff --git a/FIT5032-Assignment/Controllers/AppointmentsController.cs b/FIT5032-Assignment/Controllers/AppointmentsController.cs
index 6d0598b..a639d4d 100644
--- a/FIT5032-Assignment/Controllers/AppointmentsController.cs
+++ b/FIT5032-Assignment/Controllers/AppointmentsController.cs
@@ -132,11 +132,52 @@ namespace FIT5032_Assignment.Controllers {
       return View();
     }
 
-    // GET: Appointments/Details/5
-    public ActionResult Details(int id) {
-      return View();
-    }
+    // GET: Appointments/Cancel/uuid
+    public ActionResult Cancel(string id) {
+      // Check login
+      if (Request.Cookies["psg_auth_token"] == null) {
+        // Redirect to home page
+        return RedirectToAction("Index");
+      }
+      var user = psgCredentialVerify(Request.Cookies["psg_auth_token"].Value);
+      if (user == null) {
+        // Redirect to home page
+        Response.Cookies["psg_auth_token"].Expires = DateTime.Now.AddDays(-1);
+        return RedirectToAction("Index");
+      }
+      var userProfile = loginInfo(user);
+      if (userProfile == null) {
+        // Redirect to home page, and remove cookies
+        Response.Cookies["psg_auth_token"].Expires = DateTime.Now.AddDays(-1);
+        return RedirectToAction("Index");
+      }
 
+      // Check if the appointment is belong to the doctor or patient
+      var appointment = db.Appointments.Find(id);
+      if (appointment == null) {
+        TempData["tip"] = "The appointment does not exist.";
+        return Redirect("/Appointments/Index");
+      }
+      if (appointment.patient != userProfile.uuid && appointment.responsibleBy != userProfile.uuid) {
+        TempData["tip"] = "The appointment does not exist.";
+        return Redirect("/Appointments/Index");
+      }
+
+      // Check status == 0
+      if (appointment.status != 0) {
+        TempData["tip"] = "Operation invalid";
+        return Redirect("/Appointments/Index");
+      }
+
+      // Update status
+      appointment.status = -1;
+      db.Entry(appointment).State = EntityState.Modified;
+      db.SaveChanges();
+
+      TempData["tip"] = "The appointment has been cancelled.";
+      return Redirect("/Appointments/Index");
+    }
+    
     public ActionResult Approve(string id) {
       // Check login
       if (Request.Cookies["psg_auth_token"] == null) {
diff --git a/FIT5032-Assignment/Views/Appointments/Index.cshtml b/FIT5032-Assignment/Views/Appointments/Index.cshtml
index aa4431d..d0b3c36 100644
--- a/FIT5032-Assignment/Views/Appointments/Index.cshtml
+++ b/FIT5032-Assignment/Views/Appointments/Index.cshtml
@@ -47,7 +47,7 @@
         </td>
         <td>
           @if (item.Item1.status == 0) {
-            <button class="btn btn-sm btn-danger">Cancel</button>
+            <a href='./Cancel/@item.Item1.uuid' class="btn btn-sm btn-danger">Cancel</a>
           }
         </td>
       </tr>
@@ -86,7 +86,9 @@
         <td>
           @if (item.Item1.status == 0) {
             <a href='./Approve/@item.Item1.uuid' class="btn btn-sm btn-primary">Approve</a>
-            <button class="btn btn-sm btn-danger">Cancel</button>
+            <a href='./Cancel/@item.Item1.uuid' class="btn btn-sm btn-danger">Cancel</a>
+          } else if (item.Item1.status == 1) {
+            <a href="." class="btn btn-sm btn-primary">Upload Image</a>
           }
         </td>
       </tr>