proses login

1. <?php
2.  session_start();
3.  include ('koneksi.php');
4.  
5.  $username = $_POST['username'];
6.  $password = $_POST['password'];
7.  
8.  $ambil = mysql_query("SELECT * FROM user WHERE username='$username' AND password='$password'");
9.  $ada = mysql_num_rows($ambil);
10.  $data = mysql_fetch_array($ada);
11.  
12.  if ($username == '' or $password =='') {
13.     ?>
14.     <script>
15.         alert(username dan passwor tidak boleh kosong);
16.         window.location.href'index.php';
17.     </script
18.  <?php
19.  }
20.  else if ($ada > 0){
21.     $_SESSION['username'] = $data['username'];
22. ?>
23.     <script>
24.         window.location.href='menu.php';
25.     </script>
26. <?php
27. }
28. else {
29. ?>
30.     <script>
31.         alert('Maaf, username dan Password anda salah !!!');
32.         window.location.href='index.php';
33.     </script>
34. <?php
35. }
36. ?>