Closed antoniomv3 closed 5 years ago
I've updated the jQuery to check file types after the user selects files and before they are able to click upload. If there is a file that is not .jpg or .jpeg, it will alert the user and clear the selection. This solution is sufficient for our needs, so the issue will be marked as closed, but client-side validation can be spoofed, so server-side validation would need to be implemented in the future.
We need server-side confirmation that uploads are, in fact, JPEG photos.
Though our system file explorer is looking for JPEG photos by default, it is possible to upload any desired file type. We learned this the hard way a few days ago when our server had several PHP files uploaded to it that were running some kind of code that looked fishy to say the least. Luckily there were no charges to our account and our system was not harmed in any way, as far as we can tell.
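A sketch of the server-side check this issue asks for, added here as an example and not taken from the project's code. The thread does not say what the backend is written in, so Python, the function names and the size limit are assumptions. It inspects the uploaded bytes instead of the file name and picks the stored name itself.

```python
import secrets
import struct

# Start-of-frame markers; 0xC4 (DHT), 0xC8 (JPG) and 0xCC (DAC) are not frames.
SOF_MARKERS = set(range(0xC0, 0xD0)) - {0xC4, 0xC8, 0xCC}
MAX_UPLOAD_BYTES = 10 * 1024 * 1024  # assumed limit, not from the issue

def jpeg_dimensions(data: bytes):
    """Return (width, height) if data is laid out as a JPEG, else None."""
    if len(data) < 4 or data[:2] != b"\xff\xd8" or data[-2:] != b"\xff\xd9":
        return None                      # must start with SOI and end with EOI
    pos, dims = 2, None
    while pos + 4 <= len(data):
        if data[pos] != 0xFF:
            return None                  # every segment starts with 0xFF
        marker = data[pos + 1]
        if marker == 0xFF:               # padding byte before a marker
            pos += 1
            continue
        if marker in (0x01, 0xD8, 0xD9) or 0xD0 <= marker <= 0xD7:
            return None                  # length-less marker before scan data
        (seg_len,) = struct.unpack(">H", data[pos + 2:pos + 4])
        if seg_len < 2 or pos + 2 + seg_len > len(data):
            return None                  # segment runs past end of file
        if marker in SOF_MARKERS:
            if seg_len < 7:
                return None              # too short to hold the frame size
            height, width = struct.unpack(">HH", data[pos + 5:pos + 9])
            if width == 0 or height == 0:
                return None
            dims = (width, height)
        if marker == 0xDA:               # start of scan: header is complete
            return dims                  # None if no frame header was seen
        pos += 2 + seg_len
    return None

def accept_upload(data: bytes, client_filename: str) -> str:
    """Validate content and return a server-chosen name; raise ValueError."""
    # client_filename and any client-sent MIME type are deliberately unused.
    if len(data) > MAX_UPLOAD_BYTES or jpeg_dimensions(data) is None:
        raise ValueError("upload rejected: not a JPEG")
    return secrets.token_hex(16) + ".jpg"

# Constructed samples: a minimal JPEG skeleton and PHP text renamed to .jpg.
SAMPLE_JPEG = (b"\xff\xd8" b"\xff\xc0\x00\x0b\x08\x00\x02\x00\x03\x01\x01\x11\x00"
               b"\xff\xda\x00\x08\x01\x01\x00\x00\x3f\x00" b"\x00" b"\xff\xd9")
SAMPLE_PHP = b"<?php echo 'hello'; ?>"
```

A file that passes this check can still carry arbitrary bytes in its comment or metadata segments, so the server-chosen `.jpg` name matters as much as the content check, as does keeping uploads in a directory the web server never executes scripts from.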