See here jmareda.tk/roboti/uploader.php
The code is almost (maybe absolutely) the same as uploaded.
And about the file types: in older PHP versions, I can use file_content_mime_type (or somethink like that) but one of goals of the script was to test, if the professional upload servers are testing the mime type as I do, or they simply use the header.
Because, as we see here, if the script worked, the header could be faked...

About the values and arrays:
I've written the script to work witch array, which contains values and arrays together. It is because now i can know: Its an array - its a file upload. Otherwise, its a post field, which has only name, nothing else.

Actually, after some more tests, header changes and so on, i've really strong suspition, that there are some server anti hack on my or remote hosting.