public static function verifyToken($token) { if (!isset($_SESSION['token'])) { self::generateToken(); return false; } return Database::hashVerify($token, $_SESSION['token']) === true; }