sha256 encryption in php
Could this be a typo? (two Ps in ppasscode, intended?) $_POST['ppasscode']; I would make sure and do: print_r($_POST); and make sure the data is accurate there, and then echo out what it should look like: echo hash('sha256', $_POST['ppasscode']); Compare this output to what you have in the database (manually). By doing this you're exploring your possible points of failure: Getting password from form hashing the password stored password comparison of the two.