php文件上载验证未启动

我写了一个上传文件的脚本。当我在未选择文件或选择格式不正确的文件（例如exe文件）的情况下按“提交”按钮时，将显示“文件上载”消息。以页面顶部声明的格式加载文件没有问题，这部分工作正常

<?php
include "connect.php";
error_reporting(E_ERROR);
$message = $_GET['message'];

//function to check for valid image formats
function upload($file_upload, $dir){
$url ='';  
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$file = finfo_file($finfo, $file_upload["tmp_name"]);

$allowedExts = array("gif", "jpeg", "jpg", "png", "pdf", "PDF", "doc", "DOC", "docx", "DOCX", "JPG", "JPEG", "PNG", "GIF");
$temp = explode(".", $file_upload["name"]);
$extension = end($temp);
if ((($file == "image/gif")
|| ($file == "image/jpeg")
|| ($file == "image/jpg")
|| ($file == "image/pjpeg")
|| ($file == "image/x-png")
|| ($file == "image/png"))
|| ($file == "application/pdf")
|| ($file == "application/msword")
|| ($file == "application/vnd.openxmlformats-officedocument.wordprocessingml.document")
&& ($file_upload["size"] < 7000000)
&& in_array($extension, $allowedExts))
{
if ($file_upload["error"] > 0){
$message = "An error occurred: " . $file_upload["error"] . "<br>";
}
else{
$path = $dir . $file_upload["name"];
move_uploaded_file($file_upload["tmp_name"],$path);
}
}
else
{
$message = "Wrong format";
}

return $path;
}

if (isset($_POST['Submit']))
{

//write data into database table
if (!$has_errors)
{
$Link = mysql_connect($Host, $User, $Password);
$path = upload($dir);
if(!empty($_FILES) && is_array($_FILES)){
$path = upload($_FILES["image"], "uploads/");
}
$Query = "INSERT INTO images VALUES ('','".mysql_escape_string($path)."')";
} else {

die("Query was: $Query. Error: ".mysql_error($Link));
}

if($sql = mysql_db_query ($DBName, $Query, $Link)) {
$message = "File Uploaded";
header("Location: index.php?message=".urlencode($message));
} else {
die("Query was: $Query. Error: ".mysql_error($Link));
}
}
?>