diff --git a/api.php b/api.php
index 040e9e0..830a077 100644
--- a/api.php
+++ b/api.php
@@ -706,18 +706,28 @@ switch ($action) {
 echo json_encode(['error' => 'Logo on liian suuri (max 2MB)']);
 break;
 }
- // Validoi tyyppi
- $allowedTypes = ['image/png', 'image/jpeg', 'image/svg+xml', 'image/webp'];
- $finfo = finfo_open(FILEINFO_MIME_TYPE);
- $detectedType = finfo_file($finfo, $file['tmp_name']);
- finfo_close($finfo);
- if (!in_array($detectedType, $allowedTypes)) {
+ // Validoi tyyppi (tiedostopäätteen + mahdollisen finfo:n perusteella)
+ $allowedExtensions = ['png', 'jpg', 'jpeg', 'svg', 'webp'];
+ $origExt = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
+ if (!in_array($origExt, $allowedExtensions)) {
 http_response_code(400);
 echo json_encode(['error' => 'Sallitut tiedostotyypit: PNG, JPG, SVG, WebP']);
 break;
 }
- $extMap = ['image/png' => 'png', 'image/jpeg' => 'jpg', 'image/svg+xml' => 'svg', 'image/webp' => 'webp'];
- $ext = $extMap[$detectedType] ?? 'png';
+ // Käytä finfo:a jos saatavilla, muuten luota tiedostopäätteeseen
+ if (function_exists('finfo_open')) {
+ $finfo = finfo_open(FILEINFO_MIME_TYPE);
+ $detectedType = finfo_file($finfo, $file['tmp_name']);
+ finfo_close($finfo);
+ $allowedMimes = ['image/png', 'image/jpeg', 'image/svg+xml', 'image/webp'];
+ if (!in_array($detectedType, $allowedMimes)) {
+ http_response_code(400);
+ echo json_encode(['error' => 'Sallitut tiedostotyypit: PNG, JPG, SVG, WebP']);
+ break;
+ }
+ }
+ $extNormalize = ['jpeg' => 'jpg'];
+ $ext = $extNormalize[$origExt] ?? $origExt;
 $newFilename = 'logo.' . $ext;
 $compDir = DATA_DIR . '/companies/' . $companyId;
 // Luo kansio tarvittaessa (data on nyt MySQL:ssä, kansio vain logoille)
diff --git a/test_upload.php b/test_upload.php
deleted file mode 100644
index 1071abc..0000000
--- a/test_upload.php
+++ /dev/null
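Review bot: When `finfo_open` is missing, the new branch accepts the upload on the client-supplied extension of `$file['name']` alone, so the content is never inspected and anything named `.svg` or `.png` is stored as the company logo. Even with fileinfo present, `$ext` now comes from the file name while `$detectedType` is only checked against the whole allow-list, so a file detected as `image/svg+xml` can be saved as `logo.png`; how the `company_logo` action then serves it is not visible here. I would fail closed when fileinfo is unavailable and require the detected type to match the extension, as sketched below, and pass `true` as the third argument of both `in_array` calls. The enclosing `case` starts and ends outside the hunk.

```php
// … unchanged: allow-list check on $origExt …
if (!function_exists('finfo_open')) {
    // Fail closed: without fileinfo the content cannot be checked at all.
    http_response_code(500);
    echo json_encode(['error' => 'Tiedostotyypin tarkistus ei ole käytettävissä']);
    break;
}
$finfo = finfo_open(FILEINFO_MIME_TYPE);
$detectedType = finfo_file($finfo, $file['tmp_name']);
finfo_close($finfo);
// The extension is only a claim; the detected content type must agree with it.
$mimeByExt = [
    'png' => 'image/png',
    'jpg' => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'svg' => 'image/svg+xml',
    'webp' => 'image/webp',
];
if ($detectedType !== $mimeByExt[$origExt]) {
    http_response_code(400);
    echo json_encode(['error' => 'Sallitut tiedostotyypit: PNG, JPG, SVG, WebP']);
    break;
}
// … unchanged: $extNormalize / $ext / $newFilename …
```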
@@ -1,69 +0,0 @@
- 'png', 'image/jpeg' => 'jpg', 'image/svg+xml' => 'svg', 'image/webp' => 'webp'];
- $ext = $extMap[$detectedType] ?? 'unknown';
- $newFilename = 'logo.' . $ext;
-
- $compDir = DATA_DIR . '/companies/' . $companyId;
- if (!file_exists($compDir)) mkdir($compDir, 0755, true);
-
- echo "Tallenna: $compDir/$newFilename\n";
- $ok = move_uploaded_file($file['tmp_name'], $compDir . '/' . $newFilename);
- echo $ok ? "✅ Tiedosto tallennettu!\n" : "❌ move_uploaded_file epäonnistui\n";
-
- if ($ok) {
- $companies = dbLoadCompanies();
- foreach ($companies as $comp) {
- if ($comp['id'] === $companyId) {
- $comp['logo_file'] = $newFilename;
- try {
- dbSaveCompany($comp);
- echo "✅ Kanta päivitetty (logo_file = $newFilename)\n";
- } catch (Throwable $e) {
- echo "❌ DB virhe: " . $e->getMessage() . "\n";
- }
- break;
- }
- }
- echo "\nJSON response olisi:\n";
- echo json_encode(['success' => true, 'logo_file' => $newFilename, 'logo_url' => "api.php?action=company_logo&company_id=" . urlencode($companyId)]);
- }
-} else {
- echo "Käytä POST-lomaketta:\n\n";
- header('Content-Type: text/html; charset=utf-8');
- echo '
'; -}