
$utils::is_token_false_positive is fiddly and unstable

Open jrfnl opened this issue 5 years ago • 1 comments

The Utils::is_token_false_positive() method requires sniffs to pass two tokens. The second token is calculated, not retrieved via token walking, and may therefore be incorrect.

The method basically expects code to be written like so:

$_SERVER['key'];

... but all of the below are valid PHP and would fail the check because of the token calculation:

$_SERVER ['key'];
$_SERVER[ 'key' ];
$_SERVER[/*comment*/ 'key' ];
... etc...

jrfnl avatar Mar 12 '20 01:03 jrfnl
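The difference the issue describes, as an added example that is not code from phpcs-security-audit or its author: a fixed-offset lookup (the key is assumed to sit at `$stackPtr + 2`) next to a lookup that walks past whitespace and comment tokens. PHP's own `token_get_all()` stands in for the PHP_CodeSniffer token array here; the function names `keyByOffset`, `keyByWalking` and `nextNonEmpty` are this example's, not the project's. In a real sniff the walk would be `$phpcsFile->findNext(Tokens::$emptyTokens, $stackPtr + 1, null, true)`.

```php
<?php
// Added example (not phpcs-security-audit code): an offset-based token lookup
// versus walking past whitespace/comment tokens, over the snippets from the issue.
// Assumption: token_get_all() output stands in for the PHPCS token array.

function tokenize(string $code): array {
    $tokens = [];
    foreach (token_get_all('<?php ' . $code) as $t) {
        if (is_array($t)) {
            $tokens[] = ['code' => $t[0], 'content' => $t[1]];
        } else {
            // single-character tokens such as '[' , ']' and ';' come back as plain strings
            $tokens[] = ['code' => $t, 'content' => $t];
        }
    }
    return $tokens;
}

// Stack pointer of the first $_SERVER variable token, or null.
function findSuperglobal(array $tokens): ?int {
    foreach ($tokens as $i => $t) {
        if ($t['code'] === T_VARIABLE && $t['content'] === '$_SERVER') {
            return $i;
        }
    }
    return null;
}

// Offset lookup: assumes "$_SERVER" is followed directly by '[' and then the key.
function keyByOffset(array $tokens, int $stackPtr): ?string {
    $t = $tokens[$stackPtr + 2] ?? null;
    return ($t !== null && $t['code'] === T_CONSTANT_ENCAPSED_STRING) ? $t['content'] : null;
}

// Token walking: index of the next token that is not whitespace or a comment.
function nextNonEmpty(array $tokens, int $start): ?int {
    $empty = [T_WHITESPACE, T_COMMENT, T_DOC_COMMENT];
    for ($i = $start, $n = count($tokens); $i < $n; $i++) {
        if (!in_array($tokens[$i]['code'], $empty, true)) {
            return $i;
        }
    }
    return null;
}

function keyByWalking(array $tokens, int $stackPtr): ?string {
    $open = nextNonEmpty($tokens, $stackPtr + 1);
    if ($open === null || $tokens[$open]['content'] !== '[') {
        return null;
    }
    $key = nextNonEmpty($tokens, $open + 1);
    if ($key === null || $tokens[$key]['code'] !== T_CONSTANT_ENCAPSED_STRING) {
        return null;
    }
    return $tokens[$key]['content'];
}

// Constructed samples: the four spellings quoted in the issue.
$samples = [
    "\$_SERVER['key'];",
    "\$_SERVER ['key'];",
    "\$_SERVER[ 'key' ];",
    "\$_SERVER[/*comment*/ 'key' ];",
];

foreach ($samples as $code) {
    $tokens = tokenize($code);
    $ptr    = findSuperglobal($tokens);
    printf("%-32s offset: %-6s walking: %s\n", $code,
        var_export(keyByOffset($tokens, $ptr), true),
        var_export(keyByWalking($tokens, $ptr), true));
}
```

Only the first sample yields `'key'` from the offset lookup; the other three return null because a whitespace or comment token sits between `$_SERVER`, `[` and the key. The walking lookup returns `'key'` for all four, which is why a security sniff that decides whether a superglobal access is a false positive should locate its second token by walking rather than by arithmetic.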

I have a fix ready for this, but would like to pull it accompanied by unit tests - see #57.

jrfnl avatar Mar 12 '20 01:03 jrfnl