Can we talk more about middleware? 

I got a little tricked up on question 1. For answer choices C and D, these are actions that are good to take for security, but are they necessarily required/mandatory?

Can you elaborate on the advantages/challenges associated with storing uploaded files in the filesystem vs. the database? 

How does <input type="file"> work?

When the website is rendered, does the browser get all the uploaded files in the upload directory?

What does MIME stand for? Is MIME just the type of the data?

I am still a bit confused about res.sendFile(path.join(__dirname, pathname)); how the trick prevents unauthorized users to access the photo with the URL

"I don't really understand upload.single('photo') and how it is used in app.post('/upload', upload.single('photo'), async (req, res) => {.

I also don't really get how return res.sendFile(path.join(__dirname, pathname)); works.

I am a little confused about these:
const DB = process.env.USER;
const FILES = 'filesOwned';
const USERS = 'fileOwners';

Are FILE and USERS new directories created in my local environment? Does these only allow access to files on my local machine?"