diff --git a/loginn.php b/loginn.php
index a30fea7..373cb4d 100644
--- a/loginn.php
+++ b/loginn.php
@@ -2,6 +2,51 @@
 include "koneksi.php";
 session_start();
+$error = '';
+if(isset($_POST['login'])){
+ $username = mysqli_real_escape_string($conn, $_POST['username']);
+ $password = $_POST['password'];
+
+ $sql = "SELECT id, username, password, balance FROM users WHERE username = ?";
+ $stmt = mysqli_prepare($conn, $sql);
+ mysqli_stmt_bind_param($stmt, "s", $username);
+ mysqli_stmt_execute($stmt);
+ $result = mysqli_stmt_get_result($stmt);
+
+ if (mysqli_num_rows($result) > 0) {
+ $user = mysqli_fetch_assoc($result);
+
+ // Password verification
+ if($password === $user['password']) { // atau password_verify() jika di-hash
+
+ // Set semua data session
+ $_SESSION['user_id'] = $user['id'];
+ $_SESSION['username'] = $user['username'];
+ $_SESSION['balance'] = intval($user['balance']); // PASTIKAN integer
+
+ // Update last login
+ $update_sql = "UPDATE users SET last_login = NOW() WHERE id = ?";
+ $update_stmt = mysqli_prepare($conn, $update_sql);
+ mysqli_stmt_bind_param($update_stmt, "i", $user['id']);
+ mysqli_stmt_execute($update_stmt);
+
+ header("Location: html.php");
+ exit;
+ } else {
+ $error = 'Invalid username or password.';
+ }
+ } else {
+ $error = 'Invalid username or password.';
+ }
+ mysqli_stmt_close($stmt);
+}
+?>
+
+
+
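Review bot: The check `if($password === $user['password'])` compares the submitted password directly with the stored column, which only works if `users.password` holds plaintext, so any read of that table discloses every credential; store hashes from `password_hash()` and verify with `if (password_verify($password, $user['password'])) {`, as the inline comment already hints. The session id is not rotated on successful login, so an id that was set before authentication stays valid afterwards; add `session_regenerate_id(true);` before the `$_SESSION[...]` assignments. `mysqli_real_escape_string()` is applied to a value that is then bound as a statement parameter, which is redundant and makes usernames containing quotes or backslashes fail to match, so bind `$_POST['username']` directly. The hunk header counts more new lines than are visible here, so whatever follows `?>` is not covered by this note.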