Even with it enabled, I don’t believe the security is any better. You can right click on the temp file URL and copy it. Then you can “delete” the attachment, and simply paste the URL into the post.
For me the fix was :
class.editor.plugin.php line 998:
if ($category && $category['AllowFileUploads'] !=1 .....
if ($category && $category['AllowFileUploads'] !==1
As the database seemed to return a string not an integer...
FYI My live install is on shared linux hosting and returns "1".
I have a local install on windows IIS which returns 1.
!=1 will work for 1 or "1"
You're a legend @murrayZ .... THANKYOU.
For what its' worth, this problem still exists in 3.0.1.
I created a PR on vanilla's github.
Awesome! The PR is appreciated. Not 100% why we haven’t experienced this ourselves but I’ll take a look tomorrow.
As this bug affects 3.0 as well I’m going to go move over the thread too.
Also I have a problem where the discussion count is not incrementing.
This makes mention of integers being returned as strings depending on PDO settings... this smells of the same issue...I may be wrong...
@murrayZ - I have that problem too!!