The following code passes on the username check, but fails on the password.
As you can see, the hashes are echoed, but for some reason, they output e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855, which is the sha256sum of /dev/null. As the password does not seem to echo at all, I can only assume it cannot get the POST, but why?
login
<form action="dologin" method="post">
Username: <input type="text" name="username">
Password: <input type="password" name="password">
<input type="submit">
</form>
dologin
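// $actualusername and $actualpassword are set elsewhere in the script
if ( $_POST['username'] == $actualusername ) {
    // Hash the password
    $hashedpassword = hash('sha256', $_POST['password']);
    // Debug output: the submitted password and its digest
    echo $_POST['password'];
    echo $hashedpassword;
    // Compare the hex digests in constant time, without type juggling
    if ( hash_equals($actualpassword, $hashedpassword) ) {
        echo '<h2>Logged in</h2>';
    } else {
        echo '<h2>Incorrect password</h2>';
        echo $hashedpassword;
    }
} else {
    echo '<h2>Incorrect username</h2>';
}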
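
A check that reports a missing field instead of hashing it, as an added example that is not part of the original post. The helper name `check_login`, the sample credentials, and the use of `password_hash()`/`password_verify()` in place of the post's bare SHA-256 are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// SHA-256 of the empty string: the digest the question reports seeing.
const EMPTY_SHA256 = 'e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855';

/**
 * Hypothetical helper: classify a login attempt from the raw POST array.
 * $storedHash is assumed to have been created with password_hash().
 */
function check_login(array $post, string $actualUsername, string $storedHash): string
{
    foreach (['username', 'password'] as $field) {
        // A field that never arrived (or is not a plain string) is reported,
        // not hashed: hashing a missing value silently yields EMPTY_SHA256.
        if (!isset($post[$field]) || !is_string($post[$field]) || $post[$field] === '') {
            return "missing_$field";
        }
    }
    // Evaluate both checks every time so the result does not reveal which failed.
    $userOk = hash_equals($actualUsername, $post['username']);
    $passOk = password_verify($post['password'], $storedHash);
    return ($userOk && $passOk) ? 'ok' : 'invalid_credentials';
}

// Constructed sample data, not taken from the original post.
$stored = password_hash('correct horse', PASSWORD_DEFAULT);
$cases = [
    'good login'       => ['username' => 'alice', 'password' => 'correct horse'],
    'wrong password'   => ['username' => 'alice', 'password' => 'guess'],
    'password missing' => ['username' => 'alice'],
    'password is array' => ['username' => 'alice', 'password' => ['x']],
];

// Confirms that an empty input produces the digest shown in the question.
printf("empty-input digest matches: %s\n",
    hash('sha256', '') === EMPTY_SHA256 ? 'yes' : 'no');

foreach ($cases as $label => $post) {
    printf("%-18s %s\n", $label, check_login($post, 'alice', $stored));
}
```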