diff --git a/contrib/danbooru_api/main.php b/contrib/danbooru_api/main.php
index ad9cc13c..c2ad6ca8 100644
--- a/contrib/danbooru_api/main.php
+++ b/contrib/danbooru_api/main.php
@@ -112,7 +112,7 @@ class DanbooruApi extends Extension {
 			// Now we check if a file was uploaded or a url was provided to transload
 			// Much of this code is borrowed from /ext/upload
 
-			if($config->get_bool("upload_anon") || !$user->is_anonymous())
+			if($user->can("create_image"))
 			{
 				$file = null;
 				$filename = "";
diff --git a/contrib/oekaki/main.php b/contrib/oekaki/main.php
index 25b1605e..2c534889 100644
--- a/contrib/oekaki/main.php
+++ b/contrib/oekaki/main.php
@@ -10,7 +10,7 @@ class Oekaki extends Extension {
 		global $user, $page;
 
 		if($event->page_matches("oekaki")) {
-			if(!$this->can_upload($user)) {
+			if(!$user->can("create_image")) {
 				$this->theme->display_permission_denied();
 			}
 
@@ -84,14 +84,9 @@ class Oekaki extends Extension {
 	// FIXME: "edit this image" button on existing images?
 	function onPostListBuilding(PostListBuildingEvent $event) {
 		global $user, $page;
-		if($this->can_upload($user)) {
+		if($user->can("create_image")) {
 			$this->theme->display_block($page);
 		}
 	}
-
-	private function can_upload($user) {
-		global $config;
-		return ($config->get_bool("upload_anon") || !$user->is_anonymous());
-	}
 }
 ?>
diff --git a/core/userclass.class.php b/core/userclass.class.php
index 7cbd3e0d..38dae40f 100644
--- a/core/userclass.class.php
+++ b/core/userclass.class.php
@@ -57,6 +57,7 @@ new UserClass("base", null, array(
 	"delete_comment" => False,
 
 	"replace_image" => False,
+	"create_image" => False,
 	"edit_image_tag" => False,
 	"edit_image_source" => False,
 	"edit_image_owner" => False,
@@ -74,6 +75,7 @@ new UserClass("anonymous", "base", array(
 
 new UserClass("user", "base", array(
 	"big_search" => True,
+	"create_image" => True,
 	"edit_image_tag" => True,
 	"edit_image_source" => True,
 	"create_image_report" => True,
@@ -89,6 +91,7 @@ new UserClass("admin", "base", array(
 	"edit_user_password" => True,
 	"edit_user_info" => True,
 	"delete_user" => True,
+	"create_image" => True,
 	"delete_image" => True,
 	"delete_comment" => True,
 	"replace_image" => True,
diff --git a/ext/upload/main.php b/ext/upload/main.php
index 0d863186..f88db765 100644
--- a/ext/upload/main.php
+++ b/ext/upload/main.php
@@ -50,7 +50,6 @@ class Upload extends Extension {
 		global $config;
 		$config->set_default_int('upload_count', 3);
 		$config->set_default_int('upload_size', '1MB');
-		$config->set_default_bool('upload_anon', false);
 
 		// SHIT: fucking PHP "security" measures -_-;;;
 		$free_num = @disk_free_space(realpath("./images/"));
@@ -67,7 +66,7 @@ class Upload extends Extension {
 
 	public function onPostListBuilding(PostListBuildingEvent $event) {
 		global $user, $page;
-		if($this->can_upload($user)) {
+		if($user->can("create_image")) {
 			if($this->is_full) {
 				$this->theme->display_full($page);
 			}
@@ -93,7 +92,6 @@ class Upload extends Extension {
 		$sb->add_label("<i>PHP Limit = ".ini_get('max_file_uploads')."</i>");
 		$sb->add_shorthand_int_option("upload_size", "<br/>Max size per file: ");
 		$sb->add_label("<i>PHP Limit = ".ini_get('upload_max_filesize')."</i>");
-		$sb->add_bool_option("upload_anon", "<br/>Allow anonymous uploads: ");
 		$sb->add_choice_option("transload_engine", $tes, "<br/>Transload: ");
 		$event->panel->add_block($sb);
 	}
@@ -173,7 +171,7 @@ class Upload extends Extension {
 			}
 		}
 		else if($event->page_matches("upload")) {
-			if(!$this->can_upload($user)) {
+			if(!$user->can("create_image")) {
 				$this->theme->display_permission_denied();
 			}
 			else {
@@ -227,16 +225,6 @@ class Upload extends Extension {
 
 // do things {{{
 
-	/**
-	 * Check if a given user can upload.
-	 * @param $user The user to check.
-	 * @retval bool
-	 */
-	private function can_upload(User $user) {
-		global $config;
-		return ($config->get_bool("upload_anon") || !$user->is_anonymous());
-	}
-
 	/**
 	 * Returns a descriptive error message for the specified PHP error code.
 	 *