File Type of user agreement should be validated

[mburri]

Admins have to upload the user's written agreement as a pdf file. But this is never validated. You can actually upload files of any type, e.g. jpg, gif, shell scripts... whatever you want.

If you then download these files, you'll get it as PDF - and if you try to open this file - it actually tries to open this file in a pdf viewer - without success.