diff --git a/appinfo/info.xml b/appinfo/info.xml
index 1bd047f25b..5f6d421a4a 100644
--- a/appinfo/info.xml
+++ b/appinfo/info.xml
@@ -13,7 +13,7 @@
 - **🙋 Get involved!** We have lots of stuff planned like more question types, collaboration on forms, [and much more](https://github.com/nextcloud/forms/milestones)!
 	]]></description>
 
-	<version>4.2.3</version>
+	<version>4.2.4</version>
 	<licence>agpl</licence>
 
 	<author>Affan Hussain</author>
@@ -54,6 +54,10 @@
 		<nextcloud min-version="28" max-version="29" />
 	</dependencies>
 
+	<background-jobs>
+		<job>OCA\Forms\BackgroundJob\CleanupUploadedFilesJob</job>
+	</background-jobs>
+
 	<settings>
 		<admin>OCA\Forms\Settings\Settings</admin>
 		<admin-section>OCA\Forms\Settings\SettingsSection</admin-section>
diff --git a/appinfo/routes.php b/appinfo/routes.php
index bfb2e00947..0c1fea1a9e 100644
--- a/appinfo/routes.php
+++ b/appinfo/routes.php
@@ -331,6 +331,14 @@
 				'apiVersion' => 'v2(\.[1-4])?'
 			]
 		],
+		[
+			'name' => 'api#uploadFiles',
+			'url' => '/api/{apiVersion}/uploadFiles/{formId}/{questionId}',
+			'verb' => 'POST',
+			'requirements' => [
+				'apiVersion' => 'v2.5'
+			]
+		],
 		[
 			'name' => 'api#insertSubmission',
 			'url' => '/api/{apiVersion}/submission/insert',
diff --git a/composer.json b/composer.json
index 1c0bf18cce..bc3b261634 100644
--- a/composer.json
+++ b/composer.json
@@ -30,7 +30,8 @@
 		"phpunit/phpunit": "^9"
 	},
 	"require": {
-		"phpoffice/phpspreadsheet": "^2.0"
+		"phpoffice/phpspreadsheet": "^2.0",
+		"symfony/polyfill-uuid": "^1.29"
 	},
 	"extra": {
 		"bamarni-bin": {
diff --git a/composer.lock b/composer.lock
index 81c84c0687..7f5eee6ddb 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
         "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
         "This file is @generated automatically"
     ],
-    "content-hash": "9f8bb75cc8745c84b1408667f1ed4c46",
+    "content-hash": "2439cfdde1500d089bad47f8cd74d27c",
     "packages": [
         {
             "name": "maennchen/zipstream-php",
@@ -962,6 +962,85 @@
             ],
             "time": "2024-01-29T20:11:03+00:00"
         },
+        {
+            "name": "symfony/polyfill-uuid",
+            "version": "v1.29.0",
+            "source": {
+                "type": "git",
+                "url": "https://github.com/symfony/polyfill-uuid.git",
+                "reference": "3abdd21b0ceaa3000ee950097bc3cf9efc137853"
+            },
+            "dist": {
+                "type": "zip",
+                "url": "https://api.github.com/repos/symfony/polyfill-uuid/zipball/3abdd21b0ceaa3000ee950097bc3cf9efc137853",
+                "reference": "3abdd21b0ceaa3000ee950097bc3cf9efc137853",
+                "shasum": ""
+            },
+            "require": {
+                "php": ">=7.1"
+            },
+            "provide": {
+                "ext-uuid": "*"
+            },
+            "suggest": {
+                "ext-uuid": "For best performance"
+            },
+            "type": "library",
+            "extra": {
+                "thanks": {
+                    "name": "symfony/polyfill",
+                    "url": "https://github.com/symfony/polyfill"
+                }
+            },
+            "autoload": {
+                "files": [
+                    "bootstrap.php"
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Uuid\\": ""
+                }
+            },
+            "notification-url": "https://packagist.org/downloads/",
+            "license": [
+                "MIT"
+            ],
+            "authors": [
+                {
+                    "name": "Grégoire Pineau",
+                    "email": "lyrixx@lyrixx.info"
+                },
+                {
+                    "name": "Symfony Community",
+                    "homepage": "https://symfony.com/contributors"
+                }
+            ],
+            "description": "Symfony polyfill for uuid functions",
+            "homepage": "https://symfony.com",
+            "keywords": [
+                "compatibility",
+                "polyfill",
+                "portable",
+                "uuid"
+            ],
+            "support": {
+                "source": "https://github.com/symfony/polyfill-uuid/tree/v1.29.0"
+            },
+            "funding": [
+                {
+                    "url": "https://symfony.com/sponsor",
+                    "type": "custom"
+                },
+                {
+                    "url": "https://github.com/fabpot",
+                    "type": "github"
+                },
+                {
+                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
+                    "type": "tidelift"
+                }
+            ],
+            "time": "2024-01-29T20:11:03+00:00"
+        },
         {
             "name": "voku/anti-xss",
             "version": "4.1.42",
diff --git a/docs/API.md b/docs/API.md
index 86f72b4306..7fa5cacf80 100644
--- a/docs/API.md
+++ b/docs/API.md
@@ -28,6 +28,8 @@ This file contains the API-Documentation. For more information on the returned D
 - Completely new way of handling access & shares.
 
 ### Other API changes
+- In API version 2.5 the following endpoints were introduced:
+  - `POST /api/2.5/uploadFiles/{formId}/{questionId}` to upload files to answer before form submitting
 - In API version 2.4 the following endpoints were introduced:
   - `POST /api/2.4/form/link/{fileFormat}` to link form to a file
   - `POST /api/2.4/form/unlink` to unlink form from a file
@@ -629,6 +631,21 @@ Delete all Submissions to a form
 "data": 3
 ```
 
+### Upload a file
+Upload a files to answer before form submitting
+- Endpoint: `/api/2.5/uploadFiles/{formId}/{questionId}`
+- Method: `POST`
+- Parameters:
+  | Parameter | Type    | Description |
+  |-----------|---------|-------------|
+  | _formId_  | Integer | ID of the form to upload the file to |
+  | _questionId_ | Integer | ID of the question to upload the file to |
+  | _files_    | Array of files  | Files to upload |
+- Response: **Status-Code OK**, as well as the id of the uploaded file and it's name.
+```
+"data": {"uploadedFileId": "uuid4", "fileName": "string"}
+```
+
 ### Insert a Submission
 Store Submission to Database
 - Endpoint: `/api/v2.4/submission/insert`
@@ -644,10 +661,15 @@ Store Submission to Database
   - QuestionID as key
   - An **array** of values as value --> Even for short Text Answers, wrapped into Array.
   - For Question-Types with pre-defined answers (`multiple`, `multiple_unique`, `dropdown`), the array contains the corresponding option-IDs.
+  - For File-Uploads, the array contains the objects with key `uploadedFileId` (value from Upload a file endpoint).
   ```
   {
     "1":[27,32],              // dropdown or multiple
     "2":["ShortTextAnswer"],  // All Text-Based Question-Types
+    "3":[                     // File-Upload
+        {"uploadedFileId": "uuid4"},
+        {"uploadedFileId": "uuid4"}
+    ],
   }
   ```
 - Response: **Status-Code OK**.
diff --git a/docs/DataStructure.md b/docs/DataStructure.md
index 4c6f7345de..a5865bf42f 100644
--- a/docs/DataStructure.md
+++ b/docs/DataStructure.md
@@ -194,11 +194,15 @@ Currently supported Question-Types are:
 ## Extra Settings
 Optional extra settings for some [Question Types](#question-types)
 
-| Extra Setting      | Question Type | Type    | Values | Description |
-|--------------------|---------------|---------|--------|-------------|
-| `allowOtherAnswer` | `multiple, multiple_unique` | Boolean | `true/false` | Allows the user to specify a custom answer |
-| `shuffleOptions`   | `dropdown, multiple, multiple_unique` | Boolean | `true/false` | The list of options should be shuffled |
-| `optionsLimitMax`  | `multiple`    | Integer | -      | Maximum number of options that can be selected |
-| `optionsLimitMin`  | `multiple`    | Integer | -      | Minimum number of options that must be selected |
-| `validationType`   | `short` | string | `null, 'phone', 'email', 'regex', 'number'` | Custom validation for checking a submission |
-| `validationRegex`  | `short` | string | regular expression | if `validationType` is 'regex' this defines the regular expression to apply |
+| Extra Setting           | Question Type                         | Type             | Values                                      | Description                                                                 |
+|-------------------------|---------------------------------------|------------------|---------------------------------------------|-----------------------------------------------------------------------------|
+| `allowOtherAnswer`      | `multiple, multiple_unique`           | Boolean          | `true/false`                                | Allows the user to specify a custom answer                                  |
+| `shuffleOptions`        | `dropdown, multiple, multiple_unique` | Boolean          | `true/false`                                | The list of options should be shuffled                                      |
+| `optionsLimitMax`       | `multiple`                            | Integer          | -                                           | Maximum number of options that can be selected                              |
+| `optionsLimitMin`       | `multiple`                            | Integer          | -                                           | Minimum number of options that must be selected                             |
+| `validationType`        | `short`                               | string           | `null, 'phone', 'email', 'regex', 'number'` | Custom validation for checking a submission                                 |
+| `validationRegex`       | `short`                               | string           | regular expression                          | if `validationType` is 'regex' this defines the regular expression to apply |
+| `allowedFileTypes`      | `file`                                | Array of strings | `'image', 'x-office/document'`              | Allowed file types for file upload                                          |
+| `allowedFileExtensions` | `file`                                | Array of strings | `'jpg', 'png'`                              | Allowed file extensions for file upload                                     |
+| `maxAllowedFilesCount`  | `file`                                | Integer          | -                                           | Maximum number of files that can be uploaded, 0 means no limit              |
+| `maxFileSize`           | `file`                                | Integer          | -                                           | Maximum file size in bytes, 0 means no limit                                |
diff --git a/lib/BackgroundJob/CleanupUploadedFilesJob.php b/lib/BackgroundJob/CleanupUploadedFilesJob.php
new file mode 100644
index 0000000000..dd24d03d24
--- /dev/null
+++ b/lib/BackgroundJob/CleanupUploadedFilesJob.php
@@ -0,0 +1,92 @@
+<?php
+
+namespace OCA\Forms\BackgroundJob;
+
+use OCA\Forms\Constants;
+use OCA\Forms\Db\FormMapper;
+use OCA\Forms\Db\UploadedFileMapper;
+use OCP\AppFramework\Utility\ITimeFactory;
+use OCP\BackgroundJob\TimedJob;
+use OCP\Files\Folder;
+use OCP\Files\IRootFolder;
+use Psr\Log\LoggerInterface;
+
+class CleanupUploadedFilesJob extends TimedJob {
+	private const FILE_LIFETIME = '-2 days';
+
+	public function __construct(
+		private IRootFolder $storage,
+		private FormMapper $formMapper,
+		private UploadedFileMapper $uploadedFileMapper,
+		private LoggerInterface $logger,
+		ITimeFactory $time) {
+		parent::__construct($time);
+
+		$this->setInterval(60 * 60 * 24);
+
+	}
+
+	/**
+	 * @param array $argument
+	 */
+	public function run($argument): void {
+		$dateTime = new \DateTimeImmutable(self::FILE_LIFETIME);
+
+		$this->logger->info('Deleting files that were uploaded before {before} and still not submitted.', [
+			'before' => $dateTime->format(\DateTimeImmutable::ATOM),
+		]);
+
+		$uploadedFiles = $this->uploadedFileMapper->findUploadedEarlierThan($dateTime);
+
+		$deleted = 0;
+		$usersToCleanup = [];
+		foreach ($uploadedFiles as $uploadedFile) {
+			$this->logger->info('Deleting uploaded file "{originalFileName}" for form {formId}.', [
+				'originalFileName' => $uploadedFile->getOriginalFileName(),
+				'formId' => $uploadedFile->getFormId(),
+			]);
+
+			$form = $this->formMapper->findById($uploadedFile->getFormId());
+			$usersToCleanup[$form->getOwnerId()] = true;
+			$userFolder = $this->storage->getUserFolder($form->getOwnerId());
+
+			$nodes = $userFolder->getById($uploadedFile->getFileId());
+
+			if (!empty($nodes)) {
+				$node = $nodes[0];
+				$node->delete();
+			} else {
+				$this->logger->warning('Could not find uploaded file "{fileId}" for deletion.', [
+					'fileId' => $uploadedFile->getFileId(),
+				]);
+			}
+
+			$this->uploadedFileMapper->delete($uploadedFile);
+
+			$deleted++;
+		}
+
+		$this->logger->info('Deleted {deleted} uploaded files.', ['deleted' => $deleted]);
+
+		// now delete empty folders in user folders
+		$deleted = 0;
+		foreach (array_keys($usersToCleanup) as $userId) {
+			$this->logger->info('Cleaning up empty folders for user {userId}.', ['userId' => $userId]);
+			$userFolder = $this->storage->getUserFolder($userId);
+
+			$unsubmittedFilesFolder = $userFolder->get(Constants::UNSUBMITTED_FILES_FOLDER);
+			if (!$unsubmittedFilesFolder instanceof Folder) {
+				continue;
+			}
+
+			foreach ($unsubmittedFilesFolder->getDirectoryListing() as $node) {
+				if ($node->getName() < $dateTime->getTimestamp()) {
+					$node->delete();
+					$deleted++;
+				}
+			}
+		}
+
+		$this->logger->info('Deleted {deleted} folders.', ['deleted' => $deleted]);
+	}
+}
diff --git a/lib/Constants.php b/lib/Constants.php
index e40e1971c0..7ed8fff135 100644
--- a/lib/Constants.php
+++ b/lib/Constants.php
@@ -91,6 +91,7 @@ class Constants {
 	public const ANSWER_TYPE_DATE = 'date';
 	public const ANSWER_TYPE_DATETIME = 'datetime';
 	public const ANSWER_TYPE_TIME = 'time';
+	public const ANSWER_TYPE_FILE = 'file';
 
 	// All AnswerTypes
 	public const ANSWER_TYPES = [
@@ -101,7 +102,8 @@ class Constants {
 		self::ANSWER_TYPE_LONG,
 		self::ANSWER_TYPE_DATE,
 		self::ANSWER_TYPE_DATETIME,
-		self::ANSWER_TYPE_TIME
+		self::ANSWER_TYPE_TIME,
+		self::ANSWER_TYPE_FILE,
 	];
 
 	// AnswerTypes, that need/have predefined Options
@@ -155,6 +157,21 @@ class Constants {
 		'validationRegex' => ['string'],
 	];
 
+	public const EXTRA_SETTINGS_FILE = [
+		'allowedFileTypes',
+		'allowedFileExtensions',
+		'maxAllowedFilesCount',
+		'maxFileSize',
+	];
+
+	// should be in sync with FileTypes.js
+	public const EXTRA_SETTINGS_ALLOWED_FILE_TYPES = [
+		'image',
+		'x-office/document',
+		'x-office/presentation',
+		'x-office/spreadsheet',
+	];
+
 	/**
 	 * !! Keep in sync with src/mixins/ShareTypes.js !!
 	 */
@@ -204,4 +221,8 @@ class Constants {
 	];
 
 	public const DEFAULT_FILE_FORMAT = 'csv';
+
+	public const UNSUBMITTED_FILES_FOLDER = 'forms/unsubmitted';
+
+	public const FILES_FOLDER = 'forms';
 }
diff --git a/lib/Controller/ApiController.php b/lib/Controller/ApiController.php
index ad0a9bcc8d..3fe483a9e8 100644
--- a/lib/Controller/ApiController.php
+++ b/lib/Controller/ApiController.php
@@ -40,6 +40,8 @@
 use OCA\Forms\Db\ShareMapper;
 use OCA\Forms\Db\Submission;
 use OCA\Forms\Db\SubmissionMapper;
+use OCA\Forms\Db\UploadedFile;
+use OCA\Forms\Db\UploadedFileMapper;
 use OCA\Forms\Service\ConfigService;
 use OCA\Forms\Service\FormsService;
 use OCA\Forms\Service\SubmissionService;
@@ -48,10 +50,13 @@
 use OCP\AppFramework\Db\IMapperException;
 use OCP\AppFramework\Http\DataDownloadResponse;
 use OCP\AppFramework\Http\DataResponse;
+use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\OCS\OCSBadRequestException;
 use OCP\AppFramework\OCS\OCSForbiddenException;
 use OCP\AppFramework\OCS\OCSNotFoundException;
 use OCP\AppFramework\OCSController;
+use OCP\Files\IMimeTypeDetector;
+use OCP\Files\IRootFolder;
 use OCP\Files\NotFoundException;
 use OCP\IL10N;
 use OCP\IRequest;
@@ -81,6 +86,9 @@ public function __construct(
 		private IL10N $l10n,
 		private LoggerInterface $logger,
 		private IUserManager $userManager,
+		private IRootFolder $storage,
+		private UploadedFileMapper $uploadedFileMapper,
+		private IMimeTypeDetector $mimeTypeDetector,
 	) {
 		parent::__construct($appName, $request);
 		$this->currentUser = $userSession->getUser();
@@ -918,14 +926,19 @@ public function getSubmissions(string $hash): DataResponse {
 	/**
 	 * Insert answers for a question
 	 *
+	 * @param Form $form
 	 * @param int $submissionId
 	 * @param array $question
-	 * @param array $answerArray [arrayOfString]
+	 * @param string[]|array<array{uploadedFileId: string, uploadedFileName: string}> $answerArray
 	 */
-	private function storeAnswersForQuestion($submissionId, array $question, array $answerArray) {
+	private function storeAnswersForQuestion(Form $form, $submissionId, array $question, array $answerArray) {
 		foreach ($answerArray as $answer) {
-			$answerText = '';
+			$answerEntity = new Answer();
+			$answerEntity->setSubmissionId($submissionId);
+			$answerEntity->setQuestionId($question['id']);
 
+			$answerText = '';
+			$uploadedFile = null;
 			// Are we using answer ids as values
 			if (in_array($question['type'], Constants::ANSWER_TYPES_PREDEFINED)) {
 				// Search corresponding option, skip processing if not found
@@ -935,6 +948,23 @@ private function storeAnswersForQuestion($submissionId, array $question, array $
 				} elseif (!empty($question['extraSettings']['allowOtherAnswer']) && strpos($answer, Constants::QUESTION_EXTRASETTINGS_OTHER_PREFIX) === 0) {
 					$answerText = str_replace(Constants::QUESTION_EXTRASETTINGS_OTHER_PREFIX, "", $answer);
 				}
+			} elseif ($question['type'] === Constants::ANSWER_TYPE_FILE) {
+				$uploadedFile = $this->uploadedFileMapper->findByUploadedFileId($answer['uploadedFileId']);
+				$answerEntity->setFileId($uploadedFile->getFileId());
+
+				$userFolder = $this->storage->getUserFolder($form->getOwnerId());
+				$path = $this->formsService->getUploadedFilePath($form, $submissionId, $question['id'], $question['name'], $question['text']);
+
+				if ($userFolder->nodeExists($path)) {
+					$folder = $userFolder->get($path);
+				} else {
+					$folder = $userFolder->newFolder($path);
+				}
+
+				$file = $userFolder->getById($uploadedFile->getFileId())[0];
+				$file->move($folder->getPath() . '/' . $file->getName());
+
+				$answerText = $file->getName();
 			} else {
 				$answerText = $answer; // Not a multiple-question, answerText is given answer
 			}
@@ -943,12 +973,135 @@ private function storeAnswersForQuestion($submissionId, array $question, array $
 				continue;
 			}
 
-			$answerEntity = new Answer();
-			$answerEntity->setSubmissionId($submissionId);
-			$answerEntity->setQuestionId($question['id']);
 			$answerEntity->setText($answerText);
 			$this->answerMapper->insert($answerEntity);
+			if ($uploadedFile) {
+				$this->uploadedFileMapper->delete($uploadedFile);
+			}
+		}
+	}
+
+
+	/**
+	 * @CORS
+	 * @NoAdminRequired
+	 * @PublicPage
+	 *
+	 * Uploads a temporary files to the server during form filling
+	 *
+	 * @return Response
+	 */
+	public function uploadFiles(int $formId, int $questionId, string $shareHash = ''): Response {
+		$this->logger->debug('Uploading files for formId: {formId}, questionId: {questionId}',
+			['formId' => $formId, 'questionId' => $questionId]);
+
+		$uploadedFiles = [];
+		foreach ($this->request->getUploadedFile('files') as $key => $files) {
+			foreach ($files as $i => $value) {
+				$uploadedFiles[$i][$key] = $value;
+			}
+		}
+
+		if (!count($uploadedFiles)) {
+			throw new OCSBadRequestException($this->l10n->t('No file provided'));
+		}
+
+		$form = $this->loadFormForSubmission($formId, $shareHash);
+
+		if (!$this->formsService->canSubmit($form)) {
+			throw new OCSForbiddenException('Already submitted');
+		}
+
+		try {
+			$question = $this->questionMapper->findById($questionId);
+		} catch (IMapperException $e) {
+			$this->logger->debug('Could not find question with id {questionId}', ['questionId' => $questionId]);
+			throw new OCSBadRequestException(previous: $e instanceof \Exception ? $e : null);
 		}
+
+		$path = $this->formsService->getTemporaryUploadedFilePath($form, $question);
+
+		$response = [];
+		foreach ($uploadedFiles as $uploadedFile) {
+			$error = $uploadedFile['error'] ?? 0;
+			if ($error !== UPLOAD_ERR_OK) {
+				$this->logger->error('Failed to get the uploaded file. PHP file upload error code: ' . $error,
+					['file_name' => $uploadedFile['name']]);
+
+				throw new OCSBadRequestException($this->l10n->t('Failed to upload the file "%s".', [$uploadedFile['name']]));
+			}
+
+			if (!is_uploaded_file($uploadedFile['tmp_name'])) {
+				throw new OCSBadRequestException($this->l10n->t('Invalid file provided'));
+			}
+
+			$userFolder = $this->storage->getUserFolder($form->getOwnerId());
+			$userFolder->getStorage()->verifyPath($path, $uploadedFile['name']);
+
+			$extraSettings = $question->getExtraSettings();
+			if ($extraSettings['maxFileSize'] > 0 && $uploadedFile['size'] > $extraSettings['maxFileSize']) {
+				throw new OCSBadRequestException($this->l10n->t('File size exceeds the maximum allowed size of %s bytes.',
+					[$extraSettings['maxFileSize']]
+				));
+			}
+
+			if (!empty($extraSettings['allowedFileTypes']) || !empty($extraSettings['allowedFileExtensions'])) {
+				$mimeType = $this->mimeTypeDetector->detectContent($uploadedFile['tmp_name']);
+				$secureMimeType = $this->mimeTypeDetector->getSecureMimeType($mimeType);
+
+				$valid = false;
+				foreach ($extraSettings['allowedFileTypes'] ?? [] as $allowedFileType) {
+					if (str_starts_with($secureMimeType, $allowedFileType)) {
+						$valid = true;
+						break;
+					}
+				}
+
+				if (!$valid && !empty($extraSettings['allowedFileExtensions'])) {
+					$mimeTypesPerExtension = method_exists($this->mimeTypeDetector, 'getAllMappings')
+						? $this->mimeTypeDetector->getAllMappings() : [];
+					foreach ($extraSettings['allowedFileExtensions'] as $allowedFileExtension) {
+						if (isset($mimeTypesPerExtension[$allowedFileExtension])
+							&& in_array($mimeType, $mimeTypesPerExtension[$allowedFileExtension])) {
+							$valid = true;
+							break;
+						}
+					}
+				}
+
+				if (!$valid) {
+					throw new OCSBadRequestException($this->l10n->t('File type is not allowed. Allowed file types: %s',
+						implode(', ', array_merge($extraSettings['allowedFileTypes'] ?? [], $extraSettings['allowedFileExtensions'] ?? []))
+					));
+				}
+			}
+
+			if ($userFolder->nodeExists($path)) {
+				$folder = $userFolder->get($path);
+			} else {
+				$folder = $userFolder->newFolder($path);
+			}
+			/** @var \OCP\Files\Folder $folder */
+
+			$fileName = $folder->getNonExistingName($uploadedFile['name']);
+			$file = $folder->newFile($fileName, file_get_contents($uploadedFile['tmp_name']));
+
+			$uploadedFileId = uuid_create(\UUID_TYPE_RANDOM);
+			$uploadedFileEntity = new UploadedFile();
+			$uploadedFileEntity->setId($uploadedFileId);
+			$uploadedFileEntity->setFormId($formId);
+			$uploadedFileEntity->setOriginalFileName($fileName);
+			$uploadedFileEntity->setFileId($file->getId());
+			$uploadedFileEntity->setCreated(time());
+			$this->uploadedFileMapper->insert($uploadedFileEntity);
+
+			$response[] = [
+				'uploadedFileId' => $uploadedFileId,
+				'fileName' => $fileName,
+			];
+		}
+
+		return new DataResponse($response);
 	}
 
 	/**
@@ -973,47 +1126,15 @@ public function insertSubmission(int $formId, array $answers, string $shareHash
 			'shareHash' => $shareHash,
 		]);
 
-		try {
-			$form = $this->formMapper->findById($formId);
-			$questions = $this->formsService->getQuestions($formId);
-		} catch (IMapperException $e) {
-			$this->logger->debug('Could not find form');
-			throw new OCSBadRequestException();
-		}
-
-		// Does the user have access to the form (Either by logged in user, or by providing public share-hash.)
-		try {
-			$isPublicShare = false;
-
-			// If hash given, find the corresponding share & check if hash corresponds to given formId.
-			if ($shareHash !== '') {
-				// public by legacy Link
-				if (isset($form->getAccess()['legacyLink']) && $shareHash === $form->getHash()) {
-					$isPublicShare = true;
-				}
-
-				// Public link share
-				$share = $this->shareMapper->findPublicShareByHash($shareHash);
-				if ($share->getFormId() === $formId) {
-					$isPublicShare = true;
-				}
-			}
-		} catch (DoesNotExistException $e) {
-			// $isPublicShare already false.
-		} finally {
-			// Now forbid, if no public share and no direct share.
-			if (!$isPublicShare && !$this->formsService->hasUserAccess($form)) {
-				throw new OCSForbiddenException('Not allowed to access this form');
-			}
-		}
-
-		// Not allowed if form has expired.
-		if ($this->formsService->hasFormExpired($form)) {
-			throw new OCSForbiddenException('This form is no longer taking answers');
-		}
+		$form = $this->loadFormForSubmission($formId, $shareHash);
 
+		$questions = $this->formsService->getQuestions($formId);
 		// Is the submission valid
-		if (!$this->submissionService->validateSubmission($questions, $answers)) {
+		$isSubmissionValid = $this->submissionService->validateSubmission($questions, $answers, $form->getOwnerId());
+		if (is_string($isSubmissionValid)) {
+			throw new OCSBadRequestException($isSubmissionValid);
+		}
+		if ($isSubmissionValid === false) {
 			throw new OCSBadRequestException('At least one submitted answer is not valid');
 		}
 
@@ -1054,7 +1175,7 @@ public function insertSubmission(int $formId, array $answers, string $shareHash
 				continue;
 			}
 
-			$this->storeAnswersForQuestion($submission->getId(), $questions[$questionIndex], $answerArray);
+			$this->storeAnswersForQuestion($form, $submission->getId(), $questions[$questionIndex], $answerArray);
 		}
 
 		$this->formsService->setLastUpdatedTimestamp($formId);
@@ -1301,6 +1422,48 @@ public function linkFile(string $hash, string $path, string $fileFormat): DataRe
 		]);
 	}
 
+	private function loadFormForSubmission(int $formId, string $shareHash): Form {
+		try {
+			$form = $this->formMapper->findById($formId);
+		} catch (IMapperException $e) {
+			$this->logger->debug('Could not find form');
+			throw new OCSBadRequestException(previous: $e instanceof \Exception ? $e : null);
+		}
+
+		// Does the user have access to the form (Either by logged-in user, or by providing public share-hash.)
+		try {
+			$isPublicShare = false;
+
+			// If hash given, find the corresponding share & check if hash corresponds to given formId.
+			if ($shareHash !== '') {
+				// public by legacy Link
+				if (isset($form->getAccess()['legacyLink']) && $shareHash === $form->getHash()) {
+					$isPublicShare = true;
+				}
+
+				// Public link share
+				$share = $this->shareMapper->findPublicShareByHash($shareHash);
+				if ($share->getFormId() === $formId) {
+					$isPublicShare = true;
+				}
+			}
+		} catch (DoesNotExistException $e) {
+			// $isPublicShare already false.
+		} finally {
+			// Now forbid, if no public share and no direct share.
+			if (!$isPublicShare && !$this->formsService->hasUserAccess($form)) {
+				throw new OCSForbiddenException('Not allowed to access this form');
+			}
+		}
+
+		// Not allowed if form has expired.
+		if ($this->formsService->hasFormExpired($form)) {
+			throw new OCSForbiddenException('This form is no longer taking answers');
+		}
+
+		return $form;
+	}
+
 	/**
 	 * Helper that retrieves a form if the current user is allowed to edit it
 	 * This throws an exception in case either the form is not found or permissions are missing.
diff --git a/lib/Db/Answer.php b/lib/Db/Answer.php
index 0e5c2e911e..2b6097cd47 100644
--- a/lib/Db/Answer.php
+++ b/lib/Db/Answer.php
@@ -35,12 +35,15 @@
  * @method void setSubmissionId(integer $value)
  * @method integer getQuestionId()
  * @method void setQuestionId(integer $value)
+ * @method integer|null getFileId()
+ * @method void setFileId(?integer $value)
  * @method string getText()
  * @method void setText(string $value)
  */
 class Answer extends Entity {
 	protected $submissionId;
 	protected $questionId;
+	protected $fileId;
 	protected $text;
 
 	/**
@@ -49,12 +52,14 @@ class Answer extends Entity {
 	public function __construct() {
 		$this->addType('submissionId', 'integer');
 		$this->addType('questionId', 'integer');
+		$this->addType('fileId', 'integer');
 	}
 
 	public function read(): array {
 		return [
 			'id' => $this->getId(),
 			'submissionId' => $this->getSubmissionId(),
+			'fileId' => $this->getFileId(),
 			'questionId' => $this->getQuestionId(),
 			'text' => (string)$this->getText(),
 		];
diff --git a/lib/Db/Question.php b/lib/Db/Question.php
index e4f97e1777..02fa517b5c 100644
--- a/lib/Db/Question.php
+++ b/lib/Db/Question.php
@@ -48,8 +48,6 @@
  * @method void setDescription(string $value)
  * @method string getName()
  * @method void setName(string $value)
- * @method object getExtraSettings()
- * @method void setExtraSettings(object $value)
  */
 class Question extends Entity {
 	protected $formId;
@@ -82,7 +80,7 @@ public function setExtraSettings(array $extraSettings) {
 				unset($extraSettings[$key]);
 			}
 		}
-		
+
 		$this->setExtraSettingsJson(json_encode($extraSettings, JSON_FORCE_OBJECT));
 	}
 
diff --git a/lib/Db/UploadedFile.php b/lib/Db/UploadedFile.php
new file mode 100644
index 0000000000..d2b00f5f39
--- /dev/null
+++ b/lib/Db/UploadedFile.php
@@ -0,0 +1,69 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright Copyright (c) 2024 Kostiantyn Miakshyn <molodchick@gmail.com>
+ *
+ * @author Kostiantyn Miakshyn <molodchick@gmail.com>
+ *
+ * @license AGPL-3.0-or-later
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Forms\Db;
+
+use OCP\AppFramework\Db\Entity;
+
+/**
+ * @method string getId()
+ * @method void setId(string $value)
+ * @method integer getFormId()
+ * @method void setFormId(integer $value)
+ * @method string getOriginalFileName()
+ * @method void setOriginalFileName(string $value)
+ * @method integer getFileId()
+ * @method void setFileId(integer $value)
+ * @method integer getCreated()
+ * @method void setCreated(integer $value)
+ */
+class UploadedFile extends Entity {
+	protected $formId;
+	protected $originalFileName;
+	protected $fileId;
+	protected $created;
+
+	/**
+	 * Answer constructor.
+	 */
+	public function __construct() {
+		$this->addType('id', 'string');
+		$this->addType('formId', 'integer');
+		$this->addType('originalFileName', 'string');
+		$this->addType('fileId', 'integer');
+		$this->addType('created', 'integer');
+	}
+
+	public function read(): array {
+		return [
+			'id' => $this->getId(),
+			'formId' => $this->getFormId(),
+			'originalFileName' => $this->getOriginalFileName(),
+			'fileId' => $this->getFileId(),
+			'created' => $this->getCreated(),
+		];
+	}
+}
diff --git a/lib/Db/UploadedFileMapper.php b/lib/Db/UploadedFileMapper.php
new file mode 100644
index 0000000000..d781e2b632
--- /dev/null
+++ b/lib/Db/UploadedFileMapper.php
@@ -0,0 +1,74 @@
+<?php
+/**
+ * @copyright Copyright (c) 2024 Kostiantyn Miakshyn <molodchick@gmail.com>
+ *
+ * @author Kostiantyn Miakshyn <molodchick@gmail.com>
+ *
+ * @license AGPL-3.0-or-later
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Forms\Db;
+
+use OCP\AppFramework\Db\QBMapper;
+use OCP\IDBConnection;
+
+/**
+ * @extends QBMapper<UploadedFile>
+ */
+class UploadedFileMapper extends QBMapper {
+
+	/**
+	 * AnswerMapper constructor.
+	 * @param IDBConnection $db
+	 */
+	public function __construct(IDBConnection $db) {
+		parent::__construct($db, 'forms_v2_uploaded_files', UploadedFile::class);
+	}
+
+	/**
+	 * @param string $uploadedFileId
+	 * @throws \OCP\AppFramework\Db\DoesNotExistException if not found
+	 * @return UploadedFile
+	 */
+	public function findByUploadedFileId(string $uploadedFileId): UploadedFile {
+		$qb = $this->db->getQueryBuilder();
+
+		$qb->select('*')
+			->from($this->getTableName())
+			->where(
+				$qb->expr()->eq('id', $qb->createNamedParameter($uploadedFileId))
+			);
+
+		return $this->findEntities($qb)[0];
+	}
+
+	/**
+	 * @param \DateTimeImmutable $dateTime
+	 * @return UploadedFile[]
+	 */
+	public function findUploadedEarlierThan(\DateTimeImmutable $dateTime): array {
+		$qb = $this->db->getQueryBuilder();
+
+		$qb->select('*')
+			->from($this->getTableName())
+			->where(
+				$qb->expr()->lt('created', $qb->createNamedParameter($dateTime->getTimestamp()))
+			);
+
+		return $this->findEntities($qb);
+	}
+}
diff --git a/lib/Migration/Version040010Date20240401123456.php b/lib/Migration/Version040010Date20240401123456.php
new file mode 100644
index 0000000000..de1d331160
--- /dev/null
+++ b/lib/Migration/Version040010Date20240401123456.php
@@ -0,0 +1,80 @@
+<?php
+
+declare(strict_types=1);
+
+/**
+ * @copyright Copyright (c) 2024 Kostiantyn Miakshyn <molodchick@gmail.com>
+ *
+ * @author Kostiantyn Miakshyn <molodchick@gmail.com>
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace OCA\Forms\Migration;
+
+use Closure;
+use OCP\DB\ISchemaWrapper;
+use OCP\DB\Types;
+use OCP\Migration\IOutput;
+use OCP\Migration\SimpleMigrationStep;
+
+class Version040010Date20240401123456 extends SimpleMigrationStep {
+	/**
+	 * @param IOutput $output
+	 * @param Closure $schemaClosure The `\Closure` returns a `ISchemaWrapper`
+	 * @param array $options
+	 * @return null|ISchemaWrapper
+	 */
+	public function changeSchema(IOutput $output, Closure $schemaClosure, array $options): ?ISchemaWrapper {
+		/** @var ISchemaWrapper $schema */
+		$schema = $schemaClosure();
+
+		$answersTable = $schema->getTable('forms_v2_answers');
+		$answersTable->addColumn('file_id', Types::BIGINT, [
+			'notnull' => false,
+			'default' => null,
+			'length' => 11,
+			'unsigned' => true,
+		]);
+
+		$table = $schema->createTable('forms_v2_uploaded_files');
+		$table->addColumn('id', Types::STRING, [
+			'length' => 36,
+			'notnull' => true,
+		]);
+		$table->addColumn('form_id', Types::INTEGER, [
+			'notnull' => true,
+		]);
+		$table->addColumn('original_file_name', Types::STRING, [
+			'notnull' => true,
+			'length' => 256,
+		]);
+		$table->addColumn('file_id', Types::BIGINT, [
+			'notnull' => false,
+			'default' => null,
+			'length' => 11,
+			'unsigned' => true,
+		]);
+		$table->addColumn('created', Types::INTEGER, [
+			'notnull' => false,
+			'comment' => 'unix-timestamp',
+		]);
+		$table->setPrimaryKey(['id'], 'id');
+
+		return $schema;
+	}
+}
diff --git a/lib/Service/FormsService.php b/lib/Service/FormsService.php
index 4f65be536c..3bfd464848 100644
--- a/lib/Service/FormsService.php
+++ b/lib/Service/FormsService.php
@@ -29,6 +29,7 @@
 use OCA\Forms\Db\Form;
 use OCA\Forms\Db\FormMapper;
 use OCA\Forms\Db\OptionMapper;
+use OCA\Forms\Db\Question;
 use OCA\Forms\Db\QuestionMapper;
 use OCA\Forms\Db\Share;
 use OCA\Forms\Db\ShareMapper;
@@ -596,6 +597,9 @@ public function areExtraSettingsValid(array $extraSettings, string $questionType
 			case Constants::ANSWER_TYPE_SHORT:
 				$allowed = Constants::EXTRA_SETTINGS_SHORT;
 				break;
+			case Constants::ANSWER_TYPE_FILE:
+				$allowed = Constants::EXTRA_SETTINGS_FILE;
+				break;
 			default:
 				$allowed = [];
 		}
@@ -696,8 +700,29 @@ public function getFileName(Form $form, string $fileFormat): string {
 		// TRANSLATORS Appendix for CSV-Export: 'Form Title (responses).csv'
 		$fileName = $form->getTitle() . ' (' . $this->l10n->t('responses') . ').'.$fileFormat;
 
-		// Sanitize file name, replace all invalid characters
-		return str_replace(mb_str_split(\OCP\Constants::FILENAME_INVALID_CHARS), '-', $fileName);
+		return self::normalizeFileName($fileName);
+	}
+
+	public function getUploadedFilePath(Form $form, int $submissionId, int $questionId, string $questionName, string $questionText): string {
+
+		return implode('/', [
+			Constants::FILES_FOLDER,
+			self::normalizeFileName($form->getId().'. '.$form->getTitle()),
+			$submissionId,
+			self::normalizeFileName($questionId.'. '.($questionName ?: $questionText))
+		]);
 	}
 
+	public function getTemporaryUploadedFilePath(Form $form, Question $question): string {
+		return implode('/', [
+			Constants::UNSUBMITTED_FILES_FOLDER,
+			microtime(true),
+			self::normalizeFileName($form->getId().'. '.$form->getTitle()),
+			self::normalizeFileName($question->getId().'. '.($question->getName() ?: $question->getText()))
+		]);
+	}
+
+	private static function normalizeFileName(string $fileName): string {
+		return str_replace(mb_str_split(\OCP\Constants::FILENAME_INVALID_CHARS), '-', $fileName);
+	}
 }
diff --git a/lib/Service/SubmissionService.php b/lib/Service/SubmissionService.php
index d4c942b99d..83251b4f57 100644
--- a/lib/Service/SubmissionService.php
+++ b/lib/Service/SubmissionService.php
@@ -33,6 +33,7 @@
 use OCA\Forms\Db\AnswerMapper;
 use OCA\Forms\Db\Form;
 use OCA\Forms\Db\FormMapper;
+use OCA\Forms\Db\Question;
 use OCA\Forms\Db\QuestionMapper;
 use OCA\Forms\Db\Submission;
 use OCA\Forms\Db\SubmissionMapper;
@@ -45,6 +46,7 @@
 
 use OCP\IL10N;
 use OCP\ITempManager;
+use OCP\IURLGenerator;
 use OCP\IUser;
 use OCP\IUserManager;
 use OCP\IUserSession;
@@ -103,6 +105,7 @@ public function __construct(FormMapper $formMapper,
 		IMailer $mailer,
 		private ITempManager $tempManager,
 		private FormsService $formsService,
+		private IUrlGenerator $urlGenerator,
 	) {
 		$this->formMapper = $formMapper;
 		$this->questionMapper = $questionMapper;
@@ -266,8 +269,11 @@ public function getSubmissionsData(Form $form, string $fileFormat, ?File $file =
 		$header[] = $this->l10n->t('User ID');
 		$header[] = $this->l10n->t('User display name');
 		$header[] = $this->l10n->t('Timestamp');
+		/** @var array<int, Question> $questionPerQuestionId */
+		$questionPerQuestionId = [];
 		foreach ($questions as $question) {
 			$header[] = $question->getText();
+			$questionPerQuestionId[$question->getId()] = $question;
 		}
 
 		// Init dataset
@@ -293,18 +299,30 @@ public function getSubmissionsData(Form $form, string $fileFormat, ?File $file =
 			$row[] = date_format(date_timestamp_set(new DateTime(), $submission->getTimestamp())->setTimezone(new DateTimeZone($userTimezone)), 'c');
 
 			// Answers, make sure we keep the question order
-			$answers = array_reduce($this->answerMapper->findBySubmission($submission->getId()), function (array $carry, Answer $answer) {
-				$questionId = $answer->getQuestionId();
-
-				// If key exists, insert separator
-				if (array_key_exists($questionId, $carry)) {
-					$carry[$questionId] .= '; ' . $answer->getText();
-				} else {
-					$carry[$questionId] = $answer->getText();
-				}
+			$answers = array_reduce($this->answerMapper->findBySubmission($submission->getId()),
+				function (array $carry, Answer $answer) use ($questionPerQuestionId) {
+					$questionId = $answer->getQuestionId();
+
+					if (isset($questionPerQuestionId[$questionId]) &&
+						$questionPerQuestionId[$questionId]->getType() === Constants::ANSWER_TYPE_FILE) {
+						if (array_key_exists($questionId, $carry)) {
+							$carry[$questionId]['label'] .= "; \n" . $answer->getText();
+						} else {
+							$carry[$questionId] = [
+								'label' => $answer->getText(),
+								'url' => $this->urlGenerator->linkToRouteAbsolute('files.View.showFile', ['fileid' => $answer->getFileId()])
+							];
+						}
+					} else {
+						if (array_key_exists($questionId, $carry)) {
+							$carry[$questionId] .= '; ' . $answer->getText();
+						} else {
+							$carry[$questionId] = $answer->getText();
+						}
+					}
 
-				return $carry;
-			}, []);
+					return $carry;
+				}, []);
 
 			foreach ($questions as $question) {
 				$row[] = $answers[$question->getId()] ?? null;
@@ -318,7 +336,7 @@ public function getSubmissionsData(Form $form, string $fileFormat, ?File $file =
 
 	/**
 	 * @param array<int, string> $header
-	 * @param array<int, array<int, string>> $data
+	 * @param array<int, array<int, string>|non-empty-list<array{label: string, url: string}>> $data
 	 */
 	private function exportData(array $header, array $data, string $fileFormat, ?File $file = null): string {
 		if ($file && $file->getContent()) {
@@ -333,9 +351,23 @@ private function exportData(array $header, array $data, string $fileFormat, ?Fil
 		foreach ($header as $columnIndex => $value) {
 			$activeWorksheet->setCellValue([$columnIndex + 1, 1], $value);
 		}
-		foreach ($data as $rowIndex => $row) {
-			foreach ($row as $columnIndex => $value) {
-				$activeWorksheet->setCellValue([$columnIndex + 1, $rowIndex + 2], $value);
+		foreach ($data as $rowIndex => $rowData) {
+			foreach ($rowData as $columnIndex => $value) {
+				$column = $columnIndex + 1;
+				$row = $rowIndex + 2;
+
+				if (is_array($value)) {
+					$activeWorksheet->getCell([$column, $row])
+						->setValueExplicit($value['label'])
+						->getHyperlink()
+						->setUrl($value['url']);
+
+					$activeWorksheet->getStyle([$column, $row])
+						->getAlignment()
+						->setWrapText(true);
+				} else {
+					$activeWorksheet->setCellValue([$column, $row], $value);
+				}
 			}
 		}
 
@@ -353,9 +385,10 @@ private function exportData(array $header, array $data, string $fileFormat, ?Fil
 	 * Validate all answers against the questions
 	 * @param array $questions Array of the questions of the form
 	 * @param array $answers Array of the submitted answers
-	 * @return boolean If the submission is valid
+	 * @param string $formOwnerId Owner of the form
+	 * @return boolean|string True for valid submission, false or error message for invalid
 	 */
-	public function validateSubmission(array $questions, array $answers): bool {
+	public function validateSubmission(array $questions, array $answers, string $formOwnerId): bool|string {
 		// Check by questions
 		foreach ($questions as $question) {
 			$questionId = $question['id'];
@@ -364,13 +397,20 @@ public function validateSubmission(array $questions, array $answers): bool {
 			// Check if all required questions have an answer
 			if ($question['isRequired'] &&
 				(!$questionAnswered ||
-				!array_filter($answers[$questionId], 'strlen') ||
+				!array_filter($answers[$questionId], function (string|array $value): bool {
+					// file type
+					if (is_array($value)) {
+						return !empty($value['uploadedFileId']);
+					}
+
+					return $value !== '';
+				}) ||
 				(!empty($question['extraSettings']['allowOtherAnswer']) && !array_filter($answers[$questionId], fn ($value) => $value !== Constants::QUESTION_EXTRASETTINGS_OTHER_PREFIX)))
 			) {
 				return false;
 			}
 
-			// Perform further checks only for answered questions - otherwise early return
+			// Perform further checks only for answered questions
 			if (!$questionAnswered) {
 				continue;
 			}
@@ -385,8 +425,8 @@ public function validateSubmission(array $questions, array $answers): bool {
 					|| ($maxOptions > 0 && $answersCount > $maxOptions)) {
 					return false;
 				}
-			} elseif ($answersCount > 1) {
-				// Check if non multiple questions have not more than one answer
+			} elseif ($answersCount > 1 && $question['type'] !== Constants::ANSWER_TYPE_FILE) {
+				// Check if non-multiple questions have not more than one answer
 				return false;
 			}
 
@@ -413,6 +453,21 @@ public function validateSubmission(array $questions, array $answers): bool {
 			if ($question['type'] === Constants::ANSWER_TYPE_SHORT && !$this->validateShortQuestion($question, $answers[$questionId][0])) {
 				return false;
 			}
+
+			if ($question['type'] === Constants::ANSWER_TYPE_FILE) {
+				$maxAllowedFilesCount = $question['extraSettings']['maxAllowedFilesCount'] ?? 0;
+				if ($maxAllowedFilesCount > 0 && count($answers[$questionId]) > $maxAllowedFilesCount) {
+					return $this->l10n->t('Too many files uploaded. Maximum allowed: %s', [$maxAllowedFilesCount]);
+				}
+
+				foreach ($answers[$questionId] as $answer) {
+					$nodes = $this->storage->getUserFolder($formOwnerId)->getById($answer['uploadedFileId']);
+
+					if (empty($nodes)) {
+						return $this->l10n->t('File "%s" for question "%s" not exists anymore. Please delete and re-upload the file.', [$answer['fileName'], $question['text']]);
+					}
+				}
+			}
 		}
 
 		// Check for excess answers
diff --git a/src/components/Questions/QuestionFile.vue b/src/components/Questions/QuestionFile.vue
new file mode 100644
index 0000000000..47ffa05902
--- /dev/null
+++ b/src/components/Questions/QuestionFile.vue
@@ -0,0 +1,303 @@
+<!--
+- @copyright Copyright (c) 2024 Kostiantyn Miakshyn <molodchick@gmail.com>
+-
+- @author Kostiantyn Miakshyn <molodchick@gmail.com>
+  -
+  - @license AGPL-3.0-or-later
+  -
+  - This program is free software: you can redistribute it and/or modify
+  - it under the terms of the GNU Affero General Public License as
+  - published by the Free Software Foundation, either version 3 of the
+  - License, or (at your option) any later version.
+  -
+  - This program is distributed in the hope that it will be useful,
+  - but WITHOUT ANY WARRANTY; without even the implied warranty of
+  - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+  - GNU Affero General Public License for more details.
+  -
+  - You should have received a copy of the GNU Affero General Public License
+  - along with this program. If not, see <http://www.gnu.org/licenses/>.
+  -
+  -->
+
+<template>
+	<Question v-bind="questionProps"
+		:title-placeholder="answerType.titlePlaceholder"
+		:warning-invalid="answerType.warningInvalid"
+		v-on="commonListeners">
+		<template #actions>
+			<template v-if="!allowedFileTypesDialogOpened">
+				<NcActionButton :is-menu="true" @click="allowedFileTypesDialogOpened = true">
+					<template #icon>
+						<IconFileDocumentAlert :size="20" />
+					</template>
+					{{ allowedFileTypesLabel }}
+				</NcActionButton>
+			</template>
+
+			<template v-else>
+				<NcActionSeparator />
+
+				<NcActionButton @click="allowedFileTypesDialogOpened = false">
+					<template #icon>
+						<IconChevronLeft :size="20" />
+					</template>
+					{{ t('forms', 'Allow only specific file types') }}
+				</NcActionButton>
+
+				<NcActionCheckbox v-for="({ label: fileTypeLabel }, fileType) in fileTypes"
+					:key="fileType"
+					:checked="extraSettings?.allowedFileTypes?.includes(fileType)"
+					:value="fileType"
+					class="file-type-checkbox"
+					@update:checked="onAllowedFileTypesChange(fileType, $event)">
+					{{ fileTypeLabel }}
+				</NcActionCheckbox>
+
+				<NcActionInput :label="t('forms', 'Custom file extensions')"
+					type="multiselect"
+					multiple
+					taggable
+					:value="extraSettings?.allowedFileExtensions || []"
+					@option:created="onAllowedFileExtensionsAdded"
+					@option:deselected="onAllowedFileExtensionsDeleted" />
+
+				<NcActionSeparator />
+			</template>
+
+			<template v-if="!allowedFileTypesDialogOpened">
+				<NcActionInput type="number"
+					:value="maxAllowedFilesCount"
+					:label-outside="true"
+					:label="t('forms', 'Maximum number of files')"
+					:show-trailing-button="false"
+					@input="onMaxAllowedFilesCountInput($event.target.value)" />
+
+				<NcActionInput type="number"
+					:value="maxFileSizeValue"
+					:label-outside="true"
+					:show-trailing-button="false"
+					:label="t('forms', 'Maximum file size')"
+					@input="onMaxFileSizeValueInput($event.target.value)" />
+
+				<NcActionInput type="multiselect"
+					:value="maxFileSizeUnit"
+					:options="availableUnits"
+					required
+					:clearable="false"
+					@input="onMaxFileSizeUnitInput($event)" />
+			</template>
+		</template>
+
+		<div class="question__content">
+			<ul>
+				<li v-for="uploadedFile of values" :key="uploadedFile.uploadedFileId">
+					<ul class="uploaded-file">
+						<NcActionText>{{ uploadedFile.fileName }}</NcActionText>
+
+						<NcActionButton class="delete-button-wrapper"
+							@click="onDeleteUploadedFile(uploadedFile.uploadedFileId)">
+							<template #icon>
+								<IconDelete :size="20" />
+							</template>
+							{{ t('forms', 'Delete') }}
+						</NcActionButton>
+					</ul>
+				</li>
+			</ul>
+
+			<NcLoadingIcon v-show="fileLoading" />
+
+			<input v-show="!fileLoading"
+				ref="fileInput"
+				type="file"
+				:aria-label="t('forms', 'A file answer for the question “{text}”', { text })"
+				:disabled="!readOnly || values.length >= maxAllowedFilesCount"
+				:multiple="maxAllowedFilesCount > 1"
+				:name="name || undefined"
+				@input="onFileInput">
+		</div>
+	</Question>
+</template>
+
+<script>
+
+import IconChevronLeft from 'vue-material-design-icons/ChevronLeft.vue'
+import IconDelete from 'vue-material-design-icons/Delete.vue'
+import IconFileDocumentAlert from 'vue-material-design-icons/FileDocumentAlert.vue'
+import NcActionButton from '@nextcloud/vue/dist/Components/NcActionButton.js'
+import NcActionCheckbox from '@nextcloud/vue/dist/Components/NcActionCheckbox.js'
+import NcActionInput from '@nextcloud/vue/dist/Components/NcActionInput.js'
+import NcActionSeparator from '@nextcloud/vue/dist/Components/NcActionSeparator.js'
+import NcActionText from '@nextcloud/vue/dist/Components/NcActionText.js'
+import NcLoadingIcon from '@nextcloud/vue/dist/Components/NcLoadingIcon.js'
+import OcsResponse2Data from '../../utils/OcsResponse2Data.js'
+import QuestionMixin from '../../mixins/QuestionMixin.js'
+import axios from '@nextcloud/axios'
+import fileTypes from '../../models/FileTypes.js'
+import logger from '../../utils/Logger.js'
+import { generateOcsUrl } from '@nextcloud/router'
+import { loadState } from '@nextcloud/initial-state'
+import { showError } from '@nextcloud/dialogs'
+
+const FILE_SIZE_UNITS = {
+	kb: 1024,
+	mb: 1024 ** 2,
+	gb: 1024 ** 3,
+}
+
+export default {
+	name: 'QuestionFile',
+	components: {
+		IconChevronLeft,
+		IconDelete,
+		IconFileDocumentAlert,
+		NcActionButton,
+		NcActionCheckbox,
+		NcActionInput,
+		NcActionSeparator,
+		NcActionText,
+		NcLoadingIcon,
+	},
+
+	mixins: [QuestionMixin],
+	data() {
+		return {
+			fileTypes,
+			fileLoading: false,
+			maxFileSizeUnit: Object.keys(FILE_SIZE_UNITS)[0],
+			maxFileSizeValue: '',
+			allowedFileTypesDialogOpened: false,
+		}
+	},
+
+	computed: {
+		availableUnits() {
+			return Object.keys(FILE_SIZE_UNITS)
+		},
+		maxAllowedFilesCount() {
+			return this.extraSettings?.maxAllowedFilesCount || 1
+		},
+		allowedFileTypesLabel() {
+			const allowedFileTypes = []
+			if (this.extraSettings?.allowedFileTypes?.length) {
+				allowedFileTypes.push(...this.extraSettings.allowedFileTypes.map(type => fileTypes[type].label))
+			}
+
+			if (this.extraSettings?.allowedFileExtensions?.length) {
+				allowedFileTypes.push(...this.extraSettings.allowedFileExtensions)
+			}
+
+			if (allowedFileTypes.length) {
+				return t('forms', 'Allowed file types: {fileTypes}.', { fileTypes: allowedFileTypes.join(', ') })
+			}
+
+			return t('forms', 'All file types are allowed.')
+		},
+	},
+	mounted() {
+		if (this.extraSettings.maxFileSize) {
+			Object.keys(FILE_SIZE_UNITS).forEach(unit => {
+				if (this.extraSettings.maxFileSize > FILE_SIZE_UNITS[unit]) {
+					this.maxFileSizeUnit = unit
+				}
+			})
+
+			this.maxFileSizeValue = this.extraSettings.maxFileSize / FILE_SIZE_UNITS[this.maxFileSizeUnit]
+		}
+	},
+
+	methods: {
+		async onFileInput() {
+			const fileInput = this.$refs.fileInput
+			const formData = new FormData();
+
+			[...fileInput.files].forEach(file => {
+				formData.append('files[]', file)
+			})
+
+			const url = generateOcsUrl('apps/forms/api/v2.5/uploadFiles/{formId}/{questionId}', {
+				formId: this.formId,
+				questionId: this.id,
+				shareHash: loadState('forms', 'shareHash', null),
+			})
+
+			let response
+			try {
+				this.fileLoading = true
+				response = await axios.post(url, formData, { headers: { 'Content-Type': 'multipart/form-data' } })
+			} catch (error) {
+				logger.error('Error while submitting the form', { error })
+				showError(t('forms', 'There was an error during submitting the file: {message}.',
+					{ message: error.response.data.ocs.meta.message }))
+
+				return
+			} finally {
+				this.fileLoading = false
+				fileInput.value = null
+			}
+
+			this.$emit('update:values', [...this.values, ...OcsResponse2Data(response)])
+		},
+		onMaxAllowedFilesCountInput(maxAllowedFilesCount) {
+			return this.onExtraSettingsChange({ maxAllowedFilesCount })
+		},
+		onMaxFileSizeValueInput(maxFileSizeValue) {
+			this.maxFileSizeValue = maxFileSizeValue
+			const maxFileSize = Math.round(maxFileSizeValue * FILE_SIZE_UNITS[this.maxFileSizeUnit])
+
+			return this.onExtraSettingsChange({ maxFileSize })
+		},
+		onMaxFileSizeUnitInput(maxFileSizeUnit) {
+			this.maxFileSizeUnit = maxFileSizeUnit
+			const maxFileSize = Math.round(this.maxFileSizeValue * FILE_SIZE_UNITS[maxFileSizeUnit])
+
+			return this.onExtraSettingsChange({ maxFileSize })
+		},
+		onAllowedFileTypesChange(fileType, allowed) {
+			let allowedFileTypes = this.extraSettings.allowedFileTypes || []
+
+			if (allowed) {
+				allowedFileTypes.push(fileType)
+			} else {
+				allowedFileTypes = allowedFileTypes.filter(type => type !== fileType)
+			}
+
+			return this.onExtraSettingsChange({ allowedFileTypes })
+		},
+		onAllowedFileExtensionsAdded(fileExtension) {
+			const allowedFileExtensions = this.extraSettings.allowedFileExtensions || []
+			allowedFileExtensions.push(fileExtension)
+
+			return this.onExtraSettingsChange({ allowedFileExtensions })
+		},
+		onAllowedFileExtensionsDeleted(fileExtension) {
+			let allowedFileExtensions = this.extraSettings.allowedFileExtensions || []
+			allowedFileExtensions = allowedFileExtensions.filter(extension => extension !== fileExtension)
+
+			return this.onExtraSettingsChange({ allowedFileExtensions })
+		},
+		onDeleteUploadedFile(uploadedFileId) {
+			const values = this.values.filter(value => value.uploadedFileId !== uploadedFileId)
+
+			this.$emit('update:values', values)
+		},
+	},
+}
+</script>
+
+<style scoped>
+.file-type-checkbox {
+	margin-left: 30px;
+}
+
+.uploaded-file {
+	display: flex;
+	justify-content: space-between;
+	width: 400px;
+}
+
+.uploaded-file .delete-button-wrapper {
+	width: 100px;
+}
+</style>
diff --git a/src/components/Results/Answer.vue b/src/components/Results/Answer.vue
index af9436265e..a3020a116f 100644
--- a/src/components/Results/Answer.vue
+++ b/src/components/Results/Answer.vue
@@ -27,18 +27,39 @@
 		</h4>
 		<!-- Do not wrap the following line between tags! `white-space:pre-line` respects `\n` but would produce additional empty first line -->
 		<!-- eslint-disable-next-line -->
-		<p class="answer__text" dir="auto">{{ answerText }}</p>
+		<template v-if="answers.length">
+			<p v-for="answer of answers"
+				:key="answer.id"
+				class="answer__text"
+				dir="auto">
+				<a :href="answer.url" target="_blank"><IconFile :size="20" class="answer__text-icon" /> {{ answer.text }}</a>
+			</p>
+		</template>
+		<p v-else class="answer__text" dir="auto">
+			{{ answerText }}
+		</p>
 	</div>
 </template>
 
 <script>
+import IconFile from 'vue-material-design-icons/File.vue'
+
 export default {
 	name: 'Answer',
+	components: {
+		IconFile,
+	},
 
 	props: {
+		answers: {
+			type: Array,
+			required: false,
+			default: () => [],
+		},
 		answerText: {
 			type: String,
-			required: true,
+			required: false,
+			default: '',
 		},
 		questionText: {
 			type: String,
@@ -59,6 +80,12 @@ export default {
 
 	&__text {
 		white-space: pre-line;
+
+		&-icon {
+			display: inline-flex;
+			position: relative;
+			top: 4px;
+		}
 	}
 }
 
diff --git a/src/components/Results/ResultsSummary.vue b/src/components/Results/ResultsSummary.vue
index 7889fe3ca8..7dfef93e35 100644
--- a/src/components/Results/ResultsSummary.vue
+++ b/src/components/Results/ResultsSummary.vue
@@ -54,17 +54,30 @@
 		<ul v-else class="question-summary__text">
 			<!-- Do not wrap the following line between tags! `white-space:pre-line` respects `\n` but would produce additional empty first line -->
 			<!-- eslint-disable-next-line -->
-			<li v-for="answer in textAnswers" :key="answer.id" dir="auto">{{ answer }}</li>
+			<li v-for="answer in answers" :key="answer.id" dir="auto">
+				<template v-if="answer.url">
+					<a :href="answer.url" target="_blank"><IconFile :size="20" class="question-summary__text-icon" /> {{ answer.text }}</a>
+				</template>
+				<template v-else>
+					{{ answer.text }}
+				</template>
+			</li>
 		</ul>
 	</div>
 </template>
 
 <script>
 import answerTypes from '../../models/AnswerTypes.js'
+import { generateUrl } from '@nextcloud/router'
+import IconFile from 'vue-material-design-icons/File.vue'
 
 export default {
 	name: 'ResultsSummary',
 
+	components: {
+		IconFile,
+	},
+
 	props: {
 		submissions: {
 			type: Array,
@@ -152,8 +165,8 @@ export default {
 		},
 
 		// For text answers like short answer and long text
-		textAnswers() {
-			const textAnswers = []
+		answers() {
+			const answersModels = []
 
 			// Also record 'No response'
 			let noResponseCount = 0
@@ -168,15 +181,26 @@ export default {
 
 				// Add text answers
 				answers.forEach(answer => {
-					textAnswers.push(answer.text)
+					if (answer.fileId) {
+						answersModels.push({
+							id: answer.id,
+							text: answer.text,
+							url: generateUrl('/f/{fileId}', { fileId: answer.fileId }),
+						})
+					} else {
+						answersModels.push({
+							id: answer.id,
+							text: answer.text,
+						})
+					}
 				})
 			})
 
 			// Calculate no response percentage
 			const noResponsePercentage = Math.round((100 * noResponseCount) / this.submissions.length)
-			textAnswers.unshift(noResponseCount + ' (' + noResponsePercentage + '%): ' + t('forms', 'No response'))
+			answersModels.unshift({ id: 0, text: noResponseCount + ' (' + noResponsePercentage + '%): ' + t('forms', 'No response') })
 
-			return textAnswers
+			return answersModels
 		},
 	},
 }
@@ -212,6 +236,12 @@ export default {
 				font-weight: bold;
 			}
 		}
+
+		&-icon {
+			display: inline-flex;
+			position: relative;
+			top: 4px;
+		}
 	}
 
 	&__statistic {
diff --git a/src/components/Results/Submission.vue b/src/components/Results/Submission.vue
index 21f41e3c64..c9f2136eb7 100644
--- a/src/components/Results/Submission.vue
+++ b/src/components/Results/Submission.vue
@@ -42,6 +42,7 @@
 		<Answer v-for="question in answeredQuestions"
 			:key="question.id"
 			:answer-text="question.squashedAnswers"
+			:answers="question.answers"
 			:question-text="question.text" />
 	</div>
 </template>
@@ -53,6 +54,7 @@ import moment from '@nextcloud/moment'
 import IconDelete from 'vue-material-design-icons/Delete.vue'
 
 import Answer from './Answer.vue'
+import { generateUrl } from '@nextcloud/router'
 
 export default {
 	name: 'Submission',
@@ -99,13 +101,29 @@ export default {
 				if (!answers.length) {
 					return // no answers, go to next question
 				}
-				const squashedAnswers = answers.map(answer => answer.text).join('; ')
 
-				answeredQuestionsArray.push({
-					id: question.id,
-					text: question.text,
-					squashedAnswers,
-				})
+				if (question.type === 'file') {
+					answeredQuestionsArray.push({
+						id: question.id,
+						text: question.text,
+						answers: answers.map(answer => {
+							return {
+								id: answer.id,
+								text: answer.text,
+								url: generateUrl('/f/{fileId}', { fileId: answer.fileId }),
+							}
+						}),
+					})
+				} else {
+					const squashedAnswers = answers.map(answer => answer.text).join('; ')
+
+					answeredQuestionsArray.push({
+						id: question.id,
+						text: question.text,
+						squashedAnswers,
+					})
+				}
+
 			})
 			return answeredQuestionsArray
 		},
diff --git a/src/models/AnswerTypes.js b/src/models/AnswerTypes.js
index 5268ef758e..e24044efd2 100644
--- a/src/models/AnswerTypes.js
+++ b/src/models/AnswerTypes.js
@@ -20,17 +20,19 @@
  *
  */
 
-import QuestionMultiple from '../components/Questions/QuestionMultiple.vue'
+import QuestionDate from '../components/Questions/QuestionDate.vue'
 import QuestionDropdown from '../components/Questions/QuestionDropdown.vue'
-import QuestionShort from '../components/Questions/QuestionShort.vue'
+import QuestionFile from '../components/Questions/QuestionFile.vue'
 import QuestionLong from '../components/Questions/QuestionLong.vue'
-import QuestionDate from '../components/Questions/QuestionDate.vue'
+import QuestionMultiple from '../components/Questions/QuestionMultiple.vue'
+import QuestionShort from '../components/Questions/QuestionShort.vue'
 
 import IconCheckboxOutline from 'vue-material-design-icons/CheckboxOutline.vue'
 import IconRadioboxMarked from 'vue-material-design-icons/RadioboxMarked.vue'
 import IconArrowDownDropCircleOutline from 'vue-material-design-icons/ArrowDownDropCircleOutline.vue'
 import IconTextShort from 'vue-material-design-icons/TextShort.vue'
 import IconTextLong from 'vue-material-design-icons/TextLong.vue'
+import IconFile from 'vue-material-design-icons/File.vue'
 import IconCalendar from 'vue-material-design-icons/Calendar.vue'
 import IconClockOutline from 'vue-material-design-icons/ClockOutline.vue'
 
@@ -104,6 +106,16 @@ export default {
 		warningInvalid: t('forms', 'This question needs a title and at least one answer!'),
 	},
 
+	file: {
+		component: QuestionFile,
+		icon: IconFile,
+		label: t('forms', 'File'),
+		predefined: false,
+
+		titlePlaceholder: t('forms', 'File question title'),
+		warningInvalid: t('forms', 'This question needs a title!'),
+	},
+
 	short: {
 		component: QuestionShort,
 		icon: IconTextShort,
diff --git a/src/models/FileTypes.js b/src/models/FileTypes.js
new file mode 100644
index 0000000000..a525ab6363
--- /dev/null
+++ b/src/models/FileTypes.js
@@ -0,0 +1,38 @@
+/**
+ * @copyright Copyright (c) 2023 Ferdinand Thiessen <rpm@fthiessen.de>
+ *
+ * @author Ferdinand Thiessen <rpm@fthiessen.de>
+ *
+ * @license AGPL-3.0-or-later
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+import { translate as t } from '@nextcloud/l10n'
+// !! Keep in SYNC with lib/Constants.php for supported file types \OCA\Forms\Constants::EXTRA_SETTINGS_ALLOWED_FILE_TYPES !!
+export default {
+	image: {
+		label: t('forms', 'Image'),
+	},
+	'x-office/document': {
+		label: t('forms', 'Document'),
+	},
+	'x-office/presentation': {
+		label: t('forms', 'Presentation'),
+	},
+	'x-office/spreadsheet': {
+		label: t('forms', 'Spreadsheet'),
+	},
+}
diff --git a/src/views/Submit.vue b/src/views/Submit.vue
index 281edba8f9..cca337fdf1 100644
--- a/src/views/Submit.vue
+++ b/src/views/Submit.vue
@@ -551,7 +551,8 @@ export default {
 				emit('forms:last-updated:set', this.form.id)
 			} catch (error) {
 				logger.error('Error while submitting the form', { error })
-				showError(t('forms', 'There was an error submitting the form'))
+				showError(t('forms', 'There was an error submitting the form: {message}',
+					{ message: error.response.data.ocs.meta.message }))
 			} finally {
 				this.loading = false
 			}
diff --git a/tests/Integration/Api/ApiV2Test.php b/tests/Integration/Api/ApiV2Test.php
index 2b6d53ae45..ca9b2a4280 100644
--- a/tests/Integration/Api/ApiV2Test.php
+++ b/tests/Integration/Api/ApiV2Test.php
@@ -91,7 +91,21 @@ private function setTestForms() {
 						'extraSettings' => [
 							'shuffleOptions' => true
 						]
-					]
+					],
+					[
+						'type' => 'file',
+						'text' => 'File Question?',
+						'description' => '',
+						'isRequired' => false,
+						'name' => 'file',
+						'order' => 4,
+						'options' => [],
+						'extraSettings' => [
+							'allowedFileExtensions' => ['txt'],
+							'maxAllowedFilesCount' => 1,
+							'maxFileSize' => 1024,
+						],
+					],
 				],
 				'shares' => [
 					[
@@ -1266,6 +1280,21 @@ public function dataInsertSubmission() {
 	 * @param array $submissionsExpected
 	 */
 	public function testInsertSubmission(array $submissionsExpected) {
+
+		$uploadedFileResponse = $this->http->request('POST',
+			'api/v2.5/uploadFiles/'.$this->testForms[0]['id'].'/'.$this->testForms[0]['questions'][2]['id'],
+			[
+				'multipart' => [
+					[
+						'name' => 'files[]',
+						'contents' => 'hello world',
+						'filename' => 'test.txt'
+					]
+				]
+			]);
+
+		$uploadedFileId = json_decode($uploadedFileResponse->getBody()->getContents(), true)[0]['uploadedFileId'];
+
 		$resp = $this->http->request('POST', 'api/v2.4/submission/insert', [
 			'json' => [
 				'formId' => $this->testForms[0]['id'],
@@ -1273,7 +1302,8 @@ public function testInsertSubmission(array $submissionsExpected) {
 					$this->testForms[0]['questions'][0]['id'] => ['ShortAnswer!'],
 					$this->testForms[0]['questions'][1]['id'] => [
 						$this->testForms[0]['questions'][1]['options'][0]['id']
-					]
+					],
+					$this->testForms[0]['questions'][2]['id'] => ['uploadedFileId' => $uploadedFileId]
 				]
 			]
 		]);
diff --git a/tests/Unit/Controller/ApiControllerTest.php b/tests/Unit/Controller/ApiControllerTest.php
index abd0146f11..0fcef65cc4 100644
--- a/tests/Unit/Controller/ApiControllerTest.php
+++ b/tests/Unit/Controller/ApiControllerTest.php
@@ -56,6 +56,7 @@ function time($expected = null) {
 use OCA\Forms\Db\ShareMapper;
 use OCA\Forms\Db\Submission;
 use OCA\Forms\Db\SubmissionMapper;
+use OCA\Forms\Db\UploadedFileMapper;
 use OCA\Forms\Service\ConfigService;
 use OCA\Forms\Service\FormsService;
 use OCA\Forms\Service\SubmissionService;
@@ -66,6 +67,8 @@ function time($expected = null) {
 use OCP\AppFramework\OCS\OCSBadRequestException;
 use OCP\AppFramework\OCS\OCSForbiddenException;
 use OCP\AppFramework\OCS\OCSNotFoundException;
+use OCP\Files\IMimeTypeDetector;
+use OCP\Files\IRootFolder;
 use OCP\IL10N;
 use OCP\IRequest;
 use OCP\IUser;
@@ -105,6 +108,12 @@ class ApiControllerTest extends TestCase {
 	private $userManager;
 	/** @var IL10N|MockObject */
 	private $l10n;
+	/** @var IRootFolder|MockObject */
+	private $storage;
+	/** @var UploadedFileMapper|MockObject */
+	private $uploadedFileMapper;
+	/** @var IMimeTypeDetector|MockObject */
+	private $mimeTypeDetector;
 
 	public function setUp(): void {
 		$this->answerMapper = $this->createMock(AnswerMapper::class);
@@ -125,6 +134,10 @@ public function setUp(): void {
 			->willReturnCallback(function ($v) {
 				return $v;
 			});
+		$this->storage = $this->createMock(IRootFolder::class);
+		$this->uploadedFileMapper = $this->createMock(UploadedFileMapper::class);
+		$this->mimeTypeDetector = $this->createMock(IMimeTypeDetector::class);
+
 		$this->apiController = new ApiController(
 			'forms',
 			$this->request,
@@ -141,6 +154,9 @@ public function setUp(): void {
 			$this->l10n,
 			$this->logger,
 			$this->userManager,
+			$this->storage,
+			$this->uploadedFileMapper,
+			$this->mimeTypeDetector,
 		);
 	}
 
@@ -430,6 +446,9 @@ public function testCreateNewForm($expectedForm) {
 			 	$this->l10n,
 			 	$this->logger,
 			 	$this->userManager,
+			 	$this->storage,
+			 	$this->uploadedFileMapper,
+			 	$this->mimeTypeDetector,
 			 ])->getMock();
 		// Set the time that should be set for `lastUpdated`
 		\OCA\Forms\Controller\time(123456789);
@@ -587,6 +606,9 @@ public function testCloneForm($old, $new) {
 				$this->l10n,
 				$this->logger,
 				$this->userManager,
+				$this->storage,
+				$this->uploadedFileMapper,
+				$this->mimeTypeDetector,
 			])
 			->getMock();
 
@@ -762,6 +784,7 @@ public function dataForCheckForbiddenException() {
 	public function testInsertSubmission_forbiddenException($hasUserAccess, $hasFormExpired, $canSubmit) {
 		$form = new Form();
 		$form->setId(1);
+		$form->setOwnerId('admin');
 
 		$this->formMapper->expects($this->once())
 			->method('findById')
@@ -782,6 +805,7 @@ public function testInsertSubmission_forbiddenException($hasUserAccess, $hasForm
 	public function testInsertSubmission_validateSubmission() {
 		$form = new Form();
 		$form->setId(1);
+		$form->setOwnerId('admin');
 
 		$this->formMapper->expects($this->once())
 			->method('findById')
@@ -956,7 +980,7 @@ public function testTransferOwner() {
 			->method('get')
 			->with('newOwner')
 			->willReturn($newOwner);
-		
+
 		$this->assertEquals(new DataResponse('newOwner'), $this->apiController->transferOwner(1, 'newOwner'));
 		$this->assertEquals('newOwner', $form->getOwnerId());
 	}
diff --git a/tests/Unit/Service/SubmissionServiceTest.php b/tests/Unit/Service/SubmissionServiceTest.php
index 5a6a5aa284..87f4da1968 100644
--- a/tests/Unit/Service/SubmissionServiceTest.php
+++ b/tests/Unit/Service/SubmissionServiceTest.php
@@ -43,6 +43,7 @@
 use OCP\IConfig;
 use OCP\IL10N;
 use OCP\ITempManager;
+use OCP\IURLGenerator;
 use OCP\IUser;
 use OCP\IUserManager;
 use OCP\IUserSession;
@@ -93,6 +94,9 @@ class SubmissionServiceTest extends TestCase {
 	/** @var FormsService|MockObject */
 	private $formsService;
 
+	/** @var IURLGenerator|MockObject */
+	private $urlGenerator;
+
 	public function setUp(): void {
 		parent::setUp();
 		$this->formMapper = $this->createMock(FormMapper::class);
@@ -123,6 +127,7 @@ public function setUp(): void {
 			}));
 
 		$this->formsService = $this->createMock(FormsService::class);
+		$this->urlGenerator = $this->createMock(IURLGenerator::class);
 
 		$this->submissionService = new SubmissionService(
 			$this->formMapper,
@@ -137,7 +142,8 @@ public function setUp(): void {
 			$userSession,
 			$this->mailer,
 			$this->tempManager,
-			$this->formsService
+			$this->formsService,
+			$this->urlGenerator,
 		);
 	}
 
@@ -222,13 +228,15 @@ public function testGetSubmissions() {
 						'id' => 35,
 						'submissionId' => 42,
 						'questionId' => 422,
-						'text' => 'Just some Text'
+						'text' => 'Just some Text',
+						'fileId' => null,
 					],
 					[
 						'id' => 36,
 						'submissionId' => 42,
 						'questionId' => 423,
-						'text' => 'Just some more Text'
+						'text' => 'Just some more Text',
+						'fileId' => null,
 					]
 				]
 			],
@@ -878,6 +886,6 @@ public function testValidateSubmission(array $questions, array $answers, bool $e
 			return $mail === 'some.name+context@example.com';
 		});
 
-		$this->assertEquals($expected, $this->submissionService->validateSubmission($questions, $answers));
+		$this->assertEquals($expected, $this->submissionService->validateSubmission($questions, $answers, 'admin'));
 	}
 };