echo hash('sha256', $_POST['ppasscode']);$hash = hash('sha256', 'hello, world!');
var_dump($hash);
Could this be a typo? (two Ps in ppasscode, intended?)
$_POST['ppasscode'];
I would make sure and do:
print_r($_POST);
and make sure the data is accurate there, and then echo out what it should look like:
echo hash('sha256', $_POST['ppasscode']);
Compare this output to what you have in the database (manually). By doing this you're exploring your possible points of failure:
Getting password from form
hashing the password
stored password
comparison of the two.