Apply the following fixes (those with the // Fix <number>: comment) and your code would work in that only one random folder that will be created for all the uploads in the current session: (Note: I presumed the $countfiles is properly defined in your actual code.)
function file_upload_callback() {
global $wpdb;
$table_name="wp_order_quotes_real";
$_filter = true;
$randomFolder=""; // Fix 1: Define the variable.
// Fix 2: Pass $randomFolder by reference to the closure below. That way, the
// value won't be changed when the hook calls the closure the next time.
add_filter( 'upload_dir', function( $arr ) use ( &$_filter, &$randomFolder ) {
if ( $_filter ) {
if ($randomFolder == '') {
$randomFolder = ... your code;
}
$arr['path'] = $arr['basedir'].'/order-quotes/'.$randomFolder;
// Note: I moved the `return` line to below.
}
return $arr; // Fix 3: ALWAYS return it!
});
//$_filter = false; // Fix 4: Don't disable it, yet.
for($i=0; $i < $countfiles; $i++) {
// Note: You should do this because the user may not necessariy upload the
// files in sequence, i.e. file input two might be empty and the user only
// selected a file for the first and third inputs..
if ( empty( $_FILES['file']['tmp_name'][ $i ] ) ) {
continue;
}
$upload = wp_upload_bits( ... your code here... );
}
$_filter = false; // Fix 5: Now you should disable the filter because all the
// uploads have completed.
// ... the rest of your code here.
}
Additionally, instead of hardcoding the table name, you should do $table_name = $wpdb->prefix . 'order_quotes_real';. More importantly, please apply security measures like checking user capabilities and intent of the specific request.