From 148146167e55cea5e4a06346049cef4f153320d0 Mon Sep 17 00:00:00 2001
From: michalsn <michal@sniatala.pl>
Date: Sat, 9 Sep 2023 15:33:43 +0200
Subject: [PATCH] implement missing changes from the code review

---
 system/Security/Security.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/system/Security/Security.php b/system/Security/Security.php
index 1ab893aeff8f..534487efcc41 100644
--- a/system/Security/Security.php
+++ b/system/Security/Security.php
@@ -324,7 +324,8 @@ private function removeTokenInRequest(RequestInterface $request): void
             $request->setGlobal('post', $_POST);
         } else {
             $body = $request->getBody() ?? '';
-            if (! empty($json = json_decode($body)) && json_last_error() === JSON_ERROR_NONE) {
+            $json = json_decode($body);
+            if (! empty($json) && json_last_error() === JSON_ERROR_NONE) {
                 // We kill this since we're done and we don't want to pollute the JSON data.
                 unset($json->{$this->config->tokenName});
                 $request->setBody(json_encode($json));