Make Assets::deleteFoldersByIds() more defensive

Resolves #16147
craftcms · Nov 19, 2024 · cbf4189 · cbf4189
1 parent 82e893f
commit cbf4189
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 1 deletion.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,7 @@
 
 ## Unreleased
 
+- Fixed an error that could occur if an invalid folder ID was passed to `craft\services\Assets::deleteFoldersByIds()`. ([#16147](https://github.com/craftcms/cms/pull/16147))
 - Fixed an RCE vulnerability.
 
 ## 4.13.1.1 - 2024-11-18

diff --git a/src/services/Assets.php b/src/services/Assets.php
@@ -310,9 +310,13 @@ public function deleteFoldersByIds(int|array $folderIds, bool $deleteDir = true)
 
         foreach ((array)$folderIds as $folderId) {
             $folder = $this->getFolderById((int)$folderId);
+            if (!$folder) {
+                continue;
+            }
+
             $folders[] = $folder;
 
-            if ($folder && $deleteDir) {
+            if ($folder->path && $deleteDir) {
                 $volume = $folder->getVolume();
                 try {
                     $volume->deleteDirectory($folder->path);