For file upload in your application, one important thing that you must consider is security, as improper design and configuration will make your application vulnerable to attacks.
Here are a few security tips that may be useful to you.
• File Size – Have some limit in uploaded file sizes
• Always Check content type & and also check against list of allowed file types
• Never store files with user supplied files names. Always generate a unique file name, by appending Unique, non guessable ID’s, timestamps, random numbers etc.
• Make sure anti virus (with up to date signatures) is installed and enabled for monitoring of incoming & outgoing files
• As industry practice uploaded foldern files should not be a part of your source directory
• Access to uploaded file share should be given on need to know basis