Why isn't my PHP SHA256 hash equivalent to C# SHA256Managed hash

Question

Why aren\'t these the same?

php:

    $hash = hash(\'sha256\', $userData[\'salt\'] . hash(\'sha256\', $password) );

c#

Answer 1

C# is outputting a base64 ecoded string, and PHP is outputting a number in hex. A better comparison might be to pass the parameter true to the end of the hash function of PHP and base64 the result:

 $hash = base64_encode(
           hash('sha256', $userData['salt'] . hash('sha256', $password), true )
         );