To encrypt the data being sent from the browser to the server you need to have a security certificate attached to the web site. That certificate encrypts all of the information the browser sends using a key that only the specific web site knows how to decrypt.
The server can then apply the hash to the password before comparing it with the stored copy.
Sending the MD5 hash of the password in plain text doesn't provide any protection as that hash effectively is the password in that instance and anyone intercepting it would be able to use it to log in just the same as if the plain text version were sent. Only the encryption provided by the security certificate provides the protection from being intercepted.
All the examples ignore the step you are talking about because it doesn't serve any purpose.