0) { $user = mysqli_fetch_assoc($result); // Password verification if($password === $user['password']) { // atau password_verify() jika di-hash // Set semua data session $_SESSION['user_id'] = $user['id']; $_SESSION['username'] = $user['username']; $_SESSION['balance'] = intval($user['balance']); // PASTIKAN integer // Update last login $update_sql = "UPDATE users SET last_login = NOW() WHERE id = ?"; $update_stmt = mysqli_prepare($conn, $update_sql); mysqli_stmt_bind_param($update_stmt, "i", $user['id']); mysqli_stmt_execute($update_stmt); header("Location: html.php"); exit; } else { $error = 'Invalid username or password.'; } } else { $error = 'Invalid username or password.'; } mysqli_stmt_close($stmt); } ?> 0) { $error = 'Username already exists.'; } else { // Password hashing untuk keamanan // UNTUK TESTING: simpan plain text (tidak direkomendasikan) $hashed_password = $password; // HAPUS INI DI PRODUKSI // UNTUK PRODUKSI: gunakan password_hash() // $hashed_password = password_hash($password, PASSWORD_DEFAULT); // Insert user baru dengan saldo awal $insert_sql = "INSERT INTO users (username, password, balance, created_at) VALUES (?, ?, 1000, NOW())"; $insert_stmt = mysqli_prepare($conn, $insert_sql); mysqli_stmt_bind_param($insert_stmt, "ss", $username, $hashed_password); if(mysqli_stmt_execute($insert_stmt)) { $success = 'Registration successful! You can now login.'; // Auto login setelah register (opsional) $user_id = mysqli_insert_id($conn); $_SESSION['user_id'] = $user_id; $_SESSION['username'] = $username; $_SESSION['balance'] = 1000; header("Location: html.php"); exit; } else { $error = 'Registration failed. Please try again.'; } } } } ?> Register