diff --git a/app/Controllers/Auth.php b/app/Controllers/Auth.php
index 1697704..3fbb4ba 100644
--- a/app/Controllers/Auth.php
+++ b/app/Controllers/Auth.php
@@ -162,12 +162,28 @@ class Auth extends Controller {
         }
 
         $password = password_hash($password, PASSWORD_DEFAULT);
-        $sql = "INSERT INTO users(username, password) values('$username', '$password')";
+        $sql = "INSERT INTO users(username, password) VALUES(?, ?)";
+
+        try {
+            // Jalankan kueri dan binding data secara terpisah
+            $this->db->query($sql, [$username, $hashedPassword]);
+
+            // Respon sukses jika kueri berhasil
+            return $this->respond([
+                'status'  => 'success',
+                'message' => 'User ' . $username . ' successfully created.'
+            ], 201); // Kode 201 Created sudah benar untuk resource baru
+            
+        } catch (\Exception $e) {
+            
+            // Tangani error lain-lain
+            return $this->respond([
+                'status'  => 'error',
+                'message' => 'Failed to create user. Please try again later.'
+            ], 500); // Kode 500 Internal Server Error untuk masalah di server
+        }
+            
         
-        return $this->respond([
-            'status'  => 'success',
-            'message' => 'User '.$username.' created'
-        ], 201);
     }
 
     // public function change_pass() {