I use this code to upload
if ( ! function_exists( 'wp_handle_upload' ) ) {
require_once( ABSPATH . 'wp-admin/includes/file.php' );
}
if($_FILES['file']['name'] != '') {
$uploadedfile = $_FILES['file'];
$upload_overrides = array( 'test_form' => false );
$movefile = wp_handle_upload( $uploadedfile, $upload_overrides );
if ( $movefile && ! isset( $movefile['error'] ) ) {
$file_url = $movefile['url'];
$file_url = $movefile['file'];
}
}
if you need to limit the file types to download, you need to change the line
$upload_overrides = array( 'test_form' => false);
on
$mimes = [
'wmv' => 'video/x-ms-wmv',
'wmx' => 'video/x-ms-wmx',
'wm' => 'video/x-ms-wm',
'avi' => 'video/avi',
'divx' => 'video/divx',
'flv' => 'video/x-flv',
];
$upload_overrides = array( 'test_form' => false, 'mimes' => $mimes );
full list of mime types
print_r(get_allowed_mime_types());