Currently, there exist models (typically from plugins) that allow files to be provided and saved on the server, then associated with a record. However, the files are expected to already be uploaded (as is the case with multipart POST requests from a browser), such as to the server's temporary directory. Then, a reference to that file (typically php's $_FILES) can be provided to the models and they can take care of the rest.

There is currently no method by which a file itself can be uploaded via the API. I propose creating a new API end-point that:

1. Accepts a file, a name for the file, the file size, and the file MIME type
   • We can then quickly check the file size/mime-type and return an error if it is invalid or if it does not match the actual file size of the file provided
2. Writes the file to a temporary upload directory, and saves a reference to it in a new database table for file uploads
3. Returns to the API callee the ID of the database table representing the file

Additionally, we would have a separate tasks that:

1. Create a model that adds/gets/deletes files, and also fetches file information so that a $_FILES reference can be constructed (e.g. 'tmp_name', 'file_size')

   • [file] => Array
             (
                 [name] => filename.jpg
                 [type] => image/jpeg
                 [tmp_name] => /tmp/php/php1hvt23
                 [error] => UPLOAD_ERR_OK
                 [size] => 98174
             )

2. (cron) Purge the temporary upload directory and file references in the database table for all files older than 24 hours