- if ( $this->isAnon() ) {
- return $val === self::EDIT_TOKEN_SUFFIX;
- }
-
- $timestamp = self::getEditTokenTimestamp( $val );
- if ( $timestamp === null ) {
- return false;
- }
- if ( $maxage !== null && $timestamp < wfTimestamp() - $maxage ) {
- // Expired token
- return false;
- }
-
- $sessionToken = $this->getEditTokenAtTimestamp(
- $salt, $request ?: $this->getRequest(), $timestamp
- );
-
- if ( !hash_equals( $sessionToken, $val ) ) {
- wfDebug( "User::matchEditToken: broken session data\n" );
- }
-
- return hash_equals( $sessionToken, $val );