Image upload validation

[riklaunim]

• disallow uploading of other file types, probably with configuration option.
• disallow uploading files that slugify to empty string or other nonsense. (or use fallback name)