if ($uname eq '') {
 print "Please enter a username";
} elsif ($pword eq '') {
 print "Please enter a password";
} elsif ($sth->selectrow_array('SELECT COUNT(*) FROM '.$Tablename.
'WHERE username = 0x'.unpack('H*',$uname).
' AND password = 0x'.unpack('H*',$pword))) {
 # Successful login
 print "You're not logged in";
} else {
 print "Username or password wrong";
}
[download]

This code doesn't give you any information if the password is wrong or the username doesn't exist, it only says "ok" or "not ok", but this is what I prefer for login forms.
If you have different error messages for "user does not exist" and "password wrong", I could start guessing a username (as long as I get the "user does not exist" message). Then, once a valid username is known, guess the password for this user. Using one combined error message says: Maybe you got a non-existing user, maybe a wrong password, doesn't matter.

(You need to replace the "print" lines with whatever_generates_user_output_on_your_system.)