diff --git a/src/app/resource/controllers/FolderPrintController.php b/src/app/resource/controllers/FolderPrintController.php
index ed9ffc39279169059b1e7231686b8b241e542e56..8afafef00a2c9526125da2b4c228c2b502676917 100755
--- a/src/app/resource/controllers/FolderPrintController.php
+++ b/src/app/resource/controllers/FolderPrintController.php
@@ -613,7 +613,7 @@ class FolderPrintController
             $displayContact = $displayContact['contact']['otherInfo'];
         }
 
-        $creator = UserModel::getByLogin(['login' => $attachment['typist']]);
+        $creator = UserModel::getById(['id' => $attachment['typist'], 'select' => ['firstname', 'lastname']]);
 
         $status = StatusModel::getById(['id' => $attachment['status'], 'select' => ['label_status']]);
         $status = $status['label_status'];
diff --git a/src/app/template/controllers/TemplateController.php b/src/app/template/controllers/TemplateController.php
index 3405767ad60d25272d7d697f6a36a94b443b32fd..9532508a12b75e4fdca3a6331afc2b7fea737be1 100755
--- a/src/app/template/controllers/TemplateController.php
+++ b/src/app/template/controllers/TemplateController.php
@@ -134,6 +134,14 @@ class TemplateController
         if ($body['type'] == 'OFFICE' || ($body['type'] == 'OFFICE_HTML' && !empty($body['file']['paper']['content']))) {
             $content = $body['type'] == 'OFFICE_HTML' ? $body['file']['paper']['content'] : $body['file']['content'];
             $format = $body['type'] == 'OFFICE_HTML' ? $body['file']['paper']['format'] : $body['file']['format'];
+
+            $fileContent = base64_decode($content);
+            $finfo    = new \finfo(FILEINFO_MIME_TYPE);
+            $mimeType = $finfo->buffer($fileContent);
+            if (!in_array($mimeType, self::AUTHORIZED_MIMETYPES)) {
+                return $response->withStatus(400)->withJson(['errors' => _WRONG_FILE_TYPE]);
+            }
+
             $storeResult = DocserverController::storeResourceOnDocServer([
                 'collId'            => 'templates',
                 'docserverTypeId'   => 'TEMPLATES',
@@ -203,6 +211,14 @@ class TemplateController
         if (($body['type'] == 'OFFICE' && !empty($body['file']['content'])) || ($body['type'] == 'OFFICE_HTML' && !empty($body['file']['paper']['content']))) {
             $content = $body['type'] == 'OFFICE_HTML' ? $body['file']['paper']['content'] : $body['file']['content'];
             $format = $body['type'] == 'OFFICE_HTML' ? $body['file']['paper']['format'] : $body['file']['format'];
+
+            $fileContent = base64_decode($content);
+            $finfo    = new \finfo(FILEINFO_MIME_TYPE);
+            $mimeType = $finfo->buffer($fileContent);
+            if (!in_array($mimeType, self::AUTHORIZED_MIMETYPES)) {
+                return $response->withStatus(400)->withJson(['errors' => _WRONG_FILE_TYPE]);
+            }
+
             $storeResult = DocserverController::storeResourceOnDocServer([
                 'collId'            => 'templates',
                 'docserverTypeId'   => 'TEMPLATES',
diff --git a/test/unitTests/app/template/TemplateControllerTest.php b/test/unitTests/app/template/TemplateControllerTest.php
index 096c23ad844c85d1cfdbcfe98245bdb8f416d59f..cbd81ed4c21f8332fe3bde51207d622634615d89 100755
--- a/test/unitTests/app/template/TemplateControllerTest.php
+++ b/test/unitTests/app/template/TemplateControllerTest.php
@@ -143,6 +143,30 @@ class TemplateControllerTest extends TestCase
         $this->assertIsInt($responseBody['template']);
         self::$id2 = $responseBody['template'];
 
+        ########## CREATE FAIL ##########
+        $fileContent = file_get_contents('test/unitTests/samples/test.txt');
+        $encodedFile = base64_encode($fileContent);
+
+        $aArgs = [
+            'label'                     => 'TEST TEMPLATE AR OFFICE',
+            'description'               => 'DESCRIPTION OF THIS TEMPLATE',
+            'target'                    => 'OFFICE',
+            'template_attachment_type'  => 'ARsimple',
+            'type'                      => 'OFFICE',
+            'datasource'                => 'letterbox_attachment',
+            'entities'                  => ['TST', 'BAD'],
+            'file'                      => [
+                'content'               => $encodedFile,
+                'format'                => 'txt'
+            ]
+        ];
+        $fullRequest = \httpRequestCustom::addContentInBody($aArgs, $request);
+
+        $response     = $templates->create($fullRequest, new \Slim\Http\Response());
+        $this->assertSame(400, $response->getStatusCode());
+        $responseBody = json_decode((string)$response->getBody(), true);
+        $this->assertSame(_WRONG_FILE_TYPE, $responseBody['errors']);
+
         $request        = \Slim\Http\Request::createFromEnvironment($environment);
 
         $aArgs = [
@@ -336,9 +360,6 @@ class TemplateControllerTest extends TestCase
 
         $response     = $templates->update($fullRequest, new \Slim\Http\Response(), ['id' => self::$id2]);
         $this->assertSame(204, $response->getStatusCode());
-        $responseBody = json_decode((string)$response->getBody(), true);
-
-        $this->assertSame("success", $responseBody['success']);
 
         ########## UPDATE FAIL MISSING PARAMETERS ##########