Ver original
<?
if ($_POST['username']) {
$username=$_POST['username'];
$password_login = md5($_POST['password']);
 
//if ($pasword_login == $pasword_db) //se asume de la DB
 
//$password = md5($_POST[$password]);
 
if ($password_login==NULL) {
    echo "<center>El password no se ha enviado<center>";
        }else{
            $query = mysql_query("SELECT username,password FROM users WHERE username = '$username'") or die(mysql_error());
            $data = mysql_fetch_array($query);
        if($data['password'] != $password_login) {
            echo "<center>Login incorrecto<center>";
        }else{
            $query = mysql_query("SELECT username,password FROM users WHERE username = '$username'") or die(mysql_error());
            $row = mysql_fetch_array($query);
            $_SESSION["s_username"] = $row['username'];
    header("Location: index.php");
}
}
}
$_SESSION['userid'] = null;
?>