User authentication in php

<?php

 session_start();

//Database Configuration File

include('includes/config.php');

//error_reporting(0);

if(isset($_POST['login']))

  {

 

    // Getting username/ email and password

     $uname=$_POST['username'];

    $password=$_POST['password'];

    // Fetch data from database on the basis of username/email and password

$sql =mysqli_query($con,"SELECT AdminUserName,AdminEmailId,AdminPassword,UserType FROM tablename WHERE (AdminUserName='$uname' || AdminEmailId='$uname') && UserType='admin'");

 $num=mysqli_fetch_array($sql);

if($num>0)

{

$hashpassword=md5($password); // Hashed password fething from database

//verifying Password

if ($hashpassword==$num['AdminPassword']) 

{

$_SESSION['login']=$_POST['username'];

    echo "<script type='text/javascript'> document.location = 'dashboard.php'; </script>";

  } else {

echo "<script>alert('Wrong Password');</script>";

 

  }

}

//if username or email not found in database

else{

echo "<script>alert('User not registered with us');</script>";

  }

 

}

?>