diff --git a/tugas-besar-1-webtune-app/Controller/LaguController.php b/tugas-besar-1-webtune-app/Controller/LaguController.php
index 38bd8d3d20365485138e89f15f7b8952713057ce..1da247080034a526d983e934353bcc5e96720500 100644
--- a/tugas-besar-1-webtune-app/Controller/LaguController.php
+++ b/tugas-besar-1-webtune-app/Controller/LaguController.php
@@ -261,10 +261,11 @@ class LaguController
         $formData = $req->formData();
         // print_r($formData);
         //datanya
-        $title = $formData["title"];
-        $release_date = $formData["release_date"];
-        $singer_name = $formData["singer_name"];
-        $genre = $formData["genre"];
+        // Sanitizing user input
+        $title = htmlspecialchars($formData["title"], ENT_QUOTES, 'UTF-8');
+        $release_date = htmlspecialchars($formData["release_date"], ENT_QUOTES, 'UTF-8');
+        $singer_name = htmlspecialchars($formData["singer_name"], ENT_QUOTES, 'UTF-8');
+        $genre = htmlspecialchars($formData["genre"], ENT_QUOTES, 'UTF-8');
         //proses file
         //lagu
         $target_path_audio = "/";
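Review bot: The `htmlspecialchars()` calls added for `$title`, `$release_date`, `$singer_name` and `$genre` encode for HTML at input time, which is the wrong layer: the values are stored entity-encoded (a title containing `&` becomes `&amp;`), any view that escapes on output will double-encode them, and HTML encoding is not a defence for SQL or file-path contexts these values may reach later in the method (not visible here; the method starts and ends outside the hunk). I would keep the raw values, validate each field, and escape where the value is rendered, e.g. `$title = trim((string) ($formData["title"] ?? ''));`, and reject a `$release_date` that does not parse in the form's expected date format. The comment would then read something like `// Validate input; HTML escaping happens at render time` instead of `// Sanitizing user input`. If encoding at input is kept anyway, pass `ENT_QUOTES | ENT_SUBSTITUTE`, since with `ENT_QUOTES` alone a field containing invalid UTF-8 is returned as an empty string.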