diff --git a/app/Http/Controllers/Api/BaseApiController.php b/app/Http/Controllers/Api/BaseApiController.php
index 5345062c8..61c8b9e8b 100644
--- a/app/Http/Controllers/Api/BaseApiController.php
+++ b/app/Http/Controllers/Api/BaseApiController.php
@@ -8,9 +8,15 @@ use App\Http\Controllers\{
     AvatarController
 };
 use Auth, Cache, URL;
-use App\{Avatar,Media,Profile};
+use App\{
+    Avatar,
+    Notification,
+    Media,
+    Profile
+};
 use App\Transformer\Api\{
     AccountTransformer,
+    NotificationTransformer,
     MediaTransformer,
     StatusTransformer
 };
@@ -35,6 +41,15 @@ class BaseApiController extends Controller
         $this->fractal->setSerializer(new ArraySerializer());
     }
 
+    public function notification(Request $request, $id)
+    {
+        $notification = Notification::findOrFail($id);
+        $resource = new Fractal\Resource\Item($notification, new NotificationTransformer());
+        $res = $this->fractal->createData($resource)->toArray();
+
+        return response()->json($res, 200, [], JSON_PRETTY_PRINT);
+    }
+
     public function accounts(Request $request, $id)
     {
         $profile = Profile::findOrFail($id);
@@ -173,6 +188,11 @@ class BaseApiController extends Controller
 
         $photo = $request->file('file');
 
+        $mimes = explode(',', config('pixelfed.media_types'));
+        if(in_array($photo->getMimeType(), $mimes) == false) {
+            return;
+        }
+
         $storagePath = "public/m/{$monthHash}/{$userHash}";
         $path = $photo->store($storagePath);
         $hash = \hash_file('sha256', $photo);
@@ -183,8 +203,8 @@ class BaseApiController extends Controller
         $media->user_id = $user->id;
         $media->media_path = $path;
         $media->original_sha256 = $hash;
-        $media->size = $photo->getClientSize();
-        $media->mime = $photo->getClientMimeType();
+        $media->size = $photo->getSize();
+        $media->mime = $photo->getMimeType();
         $media->filter_class = null;
         $media->filter_name = null;
         $media->save();
diff --git a/app/Http/Controllers/StatusController.php b/app/Http/Controllers/StatusController.php
index 80120c1be..605470f78 100644
--- a/app/Http/Controllers/StatusController.php
+++ b/app/Http/Controllers/StatusController.php
@@ -93,8 +93,15 @@ class StatusController extends Controller
         $photos = $request->file('photo');
         $order = 1;
         $mimes = [];
+        $medias = 0;
 
         foreach ($photos as $k => $v) {
+
+            $allowedMimes = explode(',', config('pixelfed.media_types'));
+            if(in_array($v->getMimeType(), $allowedMimes) == false) {
+                continue;
+            }
+
             $storagePath = "public/m/{$monthHash}/{$userHash}";
             $path = $v->store($storagePath);
             $hash = \hash_file('sha256', $v);
@@ -104,8 +111,8 @@ class StatusController extends Controller
             $media->user_id = $user->id;
             $media->media_path = $path;
             $media->original_sha256 = $hash;
-            $media->size = $v->getClientSize();
-            $media->mime = $v->getClientMimeType();
+            $media->size = $v->getSize();
+            $media->mime = $v->getMimeType();
             $media->filter_class = $request->input('filter_class');
             $media->filter_name = $request->input('filter_name');
             $media->order = $order;
@@ -113,8 +120,13 @@ class StatusController extends Controller
             array_push($mimes, $media->mime);
             ImageOptimize::dispatch($media);
             $order++;
+            $medias++;
         }
 
+        if($medias == 0) {
+            $status->delete();
+            return;
+        }
         $status->type = (new self)::mimeTypeCheck($mimes);
         $status->save();