Make WordPress Core

Changeset 49270


Ignore:
Timestamp:
10/22/2020 02:34:16 AM (4 years ago)
Author:
TimothyBlynJacobs
Message:

App Passwords: Explain that apps can access to all sites in a network.

Props georgestephanis, spacedmonkey, johnjamesjacoby, SergeyBiryukov, marybaum.
Fixes #51489.

Location:
trunk/src/wp-admin
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/src/wp-admin/authorize-application.php

    r49110 r49270  
    121121            <p><?php _e( 'Would you like to give this application access to your account? You should only do this if you trust the app in question.' ); ?></p>
    122122        <?php endif; ?>
     123
     124        <?php
     125        if ( is_multisite() ) {
     126            $blogs = get_blogs_of_user( $user->ID, true );
     127            if ( count( $blogs ) > 1 ) {
     128                ?>
     129                <p>
     130                <?php
     131                    printf(
     132                        /* translators: 1: url to my-sites.php, 2: Number of blogs the user has. */
     133                        _n(
     134                            'This will grant access to <a href="%1$s">the %2$s blog in this installation that you have permissions on</a>.',
     135                            'This will grant access to <a href="%1$s">all %2$s blogs in this installation that you have permissions on</a>.',
     136                            count( $blogs )
     137                        ),
     138                        admin_url( 'my-sites.php' ),
     139                        number_format_i18n( count( $blogs ) )
     140                    );
     141                ?>
     142                </p>
     143                <?php
     144            }
     145        }
     146        ?>
    123147
    124148        <?php if ( $new_password ) : ?>
  • trunk/src/wp-admin/user-edit.php

    r49251 r49270  
    716716        <h2><?php _e( 'Application Passwords' ); ?></h2>
    717717        <p><?php _e( 'Application passwords allow authentication via non-interactive systems, such as XML-RPC or the REST API, without providing your actual password. Application passwords can be easily revoked. They cannot be used for traditional logins to your website.' ); ?></p>
     718            <?php
     719            if ( is_multisite() ) {
     720                $blogs = get_blogs_of_user( $user_id, true );
     721                if ( count( $blogs ) > 1 ) {
     722                    ?>
     723                    <p>
     724                    <?php
     725                    printf(
     726                        /* translators: 1: url to my-sites.php, 2: Number of blogs the user has. */
     727                        _n(
     728                            'Application passwords grant access to <a href="%1$s">the %2$s blog in this installation that you have permissions on</a>.',
     729                            'Application passwords grant access to <a href="%1$s">all %2$s blogs in this installation that you have permissions on</a>.',
     730                            count( $blogs )
     731                        ),
     732                        admin_url( 'my-sites.php' ),
     733                        number_format_i18n( count( $blogs ) )
     734                    );
     735                    ?>
     736                    </p>
     737                    <?php
     738                }
     739            }
     740            ?>
    718741        <div class="create-application-password">
    719742            <label for="new_application_password_name" class="screen-reader-text"><?php _e( 'New Application Password Name' ); ?></label>
Note: See TracChangeset for help on using the changeset viewer.