Added an additional file size check
Removed outputting of unsanitized data. $file_name is supplied by the user and should not be trusted until it has been scrubbed. Scrubbing is target specific (database, HTML, JavaScript have different special characters and escaping).
