diff --git a/main/db.sql b/main/db.sql
index fff923f..65bcf83 100644
--- a/main/db.sql
+++ b/main/db.sql
@@ -12,7 +12,8 @@ CREATE TABLE users (
 username VARCHAR(50) NOT NULL UNIQUE,
 password VARCHAR(255) NOT NULL,
 pgp_key TEXT,
- created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+ created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ is_moderator TINYINT(1) NOT NULL DEFAULT 0
 );
 CREATE TABLE registrations (
diff --git a/main/index.php b/main/index.php
index 214d13d..12f0cb5 100644
--- a/main/index.php
+++ b/main/index.php
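Review bot: In main/db.sql the new `is_moderator` column is added only inside `CREATE TABLE users`, so a database created from the earlier schema never receives it. login.php in this same commit selects that column with `PDO::ERRMODE_EXCEPTION` enabled and no try/catch around the query, so on such a database the login query would throw. Ship the matching migration with the change, for example `ALTER TABLE users ADD COLUMN is_moderator TINYINT(1) NOT NULL DEFAULT 0;`. A column comment such as `-- 1 = moderator (may delete any message via index.php)` would also help, since nothing visible in this commit ever sets the flag.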
@@ -1,4 +1,5 @@ getMessage()); } +if (isset($_GET['logout'])) { + session_destroy(); + header('Location: index.php'); + exit; +} + +function is_registered($db, $username) { + $stmt = $db->prepare('SELECT id FROM users WHERE username = ?'); + $stmt->execute([$username]); + return $stmt->fetchColumn() ? true : false; +} + if ($_SERVER['REQUEST_METHOD'] === 'POST') { $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING); $message = filter_input(INPUT_POST, 'message', FILTER_SANITIZE_STRING); $signature = $_POST['signature'] ?? ''; $is_encrypted = isset($_POST['encrypted']) ? 1 : 0; - + if ($username && $message) { - try { - $stmt = $db->prepare('INSERT INTO messages (username, message, signature, is_encrypted) VALUES (?, ?, ?, ?)'); - $stmt->execute([$username, $message, $signature, $is_encrypted]); - } catch (PDOException $e) { - die('Database error: ' . $e->getMessage()); + if (is_registered($db, $username)) { + if (!isset($_SESSION['username']) || $_SESSION['username'] !== $username) { + $error = 'Это имя занято. Войдите для отправки.'; + } + } + if (empty($error)) { + try { + $stmt = $db->prepare('INSERT INTO messages (username, message, signature, is_encrypted) VALUES (?, ?, ?, ?)'); + $stmt->execute([$username, $message, $signature, $is_encrypted]); + } catch (PDOException $e) { + die('Database error: ' . $e->getMessage()); + } + header('Location: ' . $_SERVER['PHP_SELF']); + exit; } } - header('Location: ' . $_SERVER['PHP_SELF']); +} + +if (isset($_GET['delete']) && isset($_SESSION['is_moderator']) && $_SESSION['is_moderator']) { + $msg_id = (int)$_GET['delete']; + $db->prepare('DELETE FROM messages WHERE id = ?')->execute([$msg_id]); + header('Location: index.php'); exit; } @@ -54,10 +81,20 @@ try {
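Review bot: The moderator delete branch at the end of the main/index.php logic hunk changes state on a plain GET (`$_GET['delete']`) with the session flag as its only check, so any page a logged-in moderator loads can trigger `index.php?delete=N` on their behalf. Accept the action only as a POST carrying a per-session token compared with `hash_equals`, as sketched below; `csrf_token` is a name chosen for this sketch, and the token still has to be generated at login and emitted in the delete form. The `?logout` branch has the same GET shape. There `session_destroy()` leaves `$_SESSION` and the session cookie in place, so setting `$_SESSION = [];` before it is a cheap addition.

```php
// … unchanged: logout branch, is_registered(), message POST handler …
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete']) && !empty($_SESSION['is_moderator'])) {
    $sent = (string)($_POST['csrf_token'] ?? '');
    $known = (string)($_SESSION['csrf_token'] ?? '');
    // An unset session token must never match an empty submitted one.
    if ($known === '' || !hash_equals($known, $sent)) {
        http_response_code(403);
        exit;
    }
    $msg_id = (int)$_POST['delete'];
    // … unchanged: DELETE statement, redirect, exit …
}
```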

Text0Nly

- Register + + 👤 + Logout + + Login + Register +
+ +
+ +
@@ -71,13 +108,19 @@ try {
Signature:
+ +
+ + +
+
- +
diff --git a/main/login.php b/main/login.php
new file mode 100644
index 0000000..68f271e
--- /dev/null
+++ b/main/login.php
@@ -0,0 +1,57 @@
+setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
+
+$error = '';
+if ($_SERVER['REQUEST_METHOD'] === 'POST') {
+ $username = filter_input(INPUT_POST, 'username', FILTER_SANITIZE_STRING);
+ $password = $_POST['password'] ?? '';
+ if ($username && $password) {
+ $stmt = $db->prepare('SELECT id, password, is_moderator FROM users WHERE username = ?');
+ $stmt->execute([$username]);
+ $user = $stmt->fetch(PDO::FETCH_ASSOC);
+ if ($user && password_verify($password, $user['password'])) {
+ $_SESSION['user_id'] = $user['id'];
+ $_SESSION['username'] = $username;
+ $_SESSION['is_moderator'] = $user['is_moderator'];
+ header('Location: index.php');
+ exit;
+ } else {
+ $error = 'Invalid username or password';
+ }
+ }
+}
+?>
+
+
+
+
+ Login
+
+
+
+

Login

+ +
+ + + + + + +
Register | Back to chat
+
+ + \ No newline at end of file
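Review bot: On a successful `password_verify` the code fills `$_SESSION['user_id']`, `$_SESSION['username']` and `$_SESSION['is_moderator']` without rotating the session id, so an id fixed before login stays valid afterwards with the account's privileges; add `session_regenerate_id(true);` immediately before those assignments. The session also keeps the submitted `$username` rather than the stored one, while index.php compares it with `!==`; adding `username` to the SELECT and storing `$user['username']` keeps one canonical form if the column's collation is case-insensitive (not visible here). `FILTER_SANITIZE_STRING` is deprecated as of PHP 8.1 and rewrites the name before the lookup; reading `$_POST['username']` unchanged and escaping on output is the usual replacement. The top of the file is missing from this page, so `session_start()` and the PDO setup are assumed, and no limit on failed attempts is visible in the hunk.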