Need help for hacking problem in OJS

Hi @juanito,
Thanks for the link. I hadn’t seen this critical issue.

To @asmecher,
To be sure I understand correctly, if I pass the patch on version 3.1.2-4, this will remove the upload button on the tinyMCE plugin.

In OJS 3.2, there is an upload feature that doesn’t rely on JBimages.
Will registered users with a role of reader, author or reviewer, which they can assign themselves, still be able to upload any image in their profile contact, for example?

How can we prevent the upload of any image to the directory [OJS_HOME]/public/site/images/[OJS_LOGIN]/, which is accessible to the whole world with a URL like:
https://url_journal/public/site/images/[OJS_LOGIN]/prohibited_image.gif

Can we add a moderator role when a user is registered, or limited access to this public directory?

Thanks again for your help.
Kind regards.
Helene
