public static function verifyToken($token) { if (!isset($_SESSION['token'])) { self::generateToken(); return false; } return Database::samePassword($_SESSION['token'], $token) === true; }