Manual:$wgEnableUploads

Details
When set to true, users will be allowed to upload images and other enabled files. Users will see an 'Upload file' link appearing in the toolbox on the bottom-left (usually), linking to the Special:Upload page. This appears for users with the 'upload' right (logged-in users by default)

IMPORTANT: Uploads need to be set up properly in order to be secure! There are several related configuration settings. It is recommended to read the more complete instructions at Manual:Configuring file uploads

When enabling file uploads, you must also make the images directory writable by the web server. Otherwise you will just see an error such as failed to open stream: Operation not permitted. Note that a web server writable directory is not insecure in itself, but can be thought of as the first half of a successful attack to your web server, as such you might like to explore alternatives using img_auth.php

Older versions
Prior to v1.5.0, $wgDisableUploads was used instead.