Index: branches/RC/core/kernel/db/dbitem.php =================================================================== diff -u -N -r11253 -r11361 --- branches/RC/core/kernel/db/dbitem.php (.../dbitem.php) (revision 11253) +++ branches/RC/core/kernel/db/dbitem.php (.../dbitem.php) (revision 11361) @@ -591,10 +591,10 @@ $res = ((string)$check_value != ''); } - $options = $this->GetFieldOptions($field); - if (!$res && getArrayValue($options, 'formatter') != 'kUploadFormatter') { + if (!$res) { $this->SetError($field, 'required'); } + return $res; } Index: branches/RC/core/kernel/db/db_event_handler.php =================================================================== diff -u -N -r11351 -r11361 --- branches/RC/core/kernel/db/db_event_handler.php (.../db_event_handler.php) (revision 11351) +++ branches/RC/core/kernel/db/db_event_handler.php (.../db_event_handler.php) (revision 11361) 
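Review bot: With the `kUploadFormatter` exception removed, the `required` check for upload fields now rests entirely on `(string)$check_value != ''`, and the hunk does not show what `$check_value` holds for a file field. If it can still be the raw `input type="file"` array, the cast yields the string `Array` and a request with no file passes as present. The checks deleted from upload_formatter.php in this same commit (hunks `@@ -50,11` and `@@ -148,15`) were the ones that handled that array case. A comment above the test such as `// $check_value is the formatter-processed value, never the raw upload array` would pin the assumption, provided it holds. The enclosing method starts outside the hunk.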
@@ -2257,33 +2257,12 @@ return ; } - // Flash uploader does NOT send correct cookies, so we need to make our own check - $cookie_name = 'adm_'.$this->Application->ConfigValue('SessionCookieName'); - $this->Application->HttpQuery->Cookie['cookies_on'] = 1; - $this->Application->HttpQuery->Cookie[$cookie_name] = $this->Application->GetVar('flashsid'); - - // this prevents session from auto-expiring when KeepSessionOnBrowserClose & FireFox is used - $this->Application->HttpQuery->Cookie[$cookie_name.'_live'] = $this->Application->GetVar('flashsid'); - - $admin_ses =& $this->Application->recallObject('Session.admin'); - /* @var $admin_ses Session */ - - $perm_helper =& $this->Application->recallObject('PermissionsHelper'); - /* @var $perm_helper kPermissionsHelper */ - - $section = $event->getSection(); - $user_id = $admin_ses->RecallVar('user_id'); - - if (!$perm_helper->CheckUserPermission($user_id, $section.'.add') && !$perm_helper->CheckUserPermission($user_id, $section.'.edit')) { + if (!$this->_checkFlashUploaderPermission($event)) { // 403 Forbidden header('HTTP/1.0 403 You don\'t have permissions to upload'); return ; } - if (!$cookie_name) { - $cookie_name = 'sid'; - } - $value = $this->Application->GetVar('Filedata'); if (!$value || ($value['error'] != UPLOAD_ERR_OK)) { @@ -2300,8 +2279,12 @@ $fname = $id.'_'.$fname; } - if (!is_writable($tmp_path)) { + $fields = $this->Application->getUnitOption($event->Prefix, 'Fields'); + $upload_dir = $fields[ $this->Application->GetVar('field') ]['upload_dir']; + + if (!is_writable($tmp_path) || !is_writable(FULL_PATH . $upload_dir)) { // 500 Internal Server Error + // check both temp and live upload directory header('HTTP/1.0 500 Write permissions not set on the server'); return ; } 
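Review bot: In the `@@ -2300,8` hunk, `$this->Application->GetVar('field')` is request input used directly as a key into the unit's `Fields` config, with no check that the key exists or that the field declares an `upload_dir`. For an unknown or non-upload field `$upload_dir` is empty, so `is_writable(FULL_PATH . $upload_dir)` tests the application root instead of an upload directory. If that path happens to be writable, the handler carries on for a field that was never meant to accept files. Reject the request before the writability test, e.g. `if (!isset($fields[$field]['upload_dir'])) { header('HTTP/1.0 400 Unknown upload field'); return ; }` with `$field` holding the request value. The enclosing handler starts and ends outside the hunk.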
@@ -2310,6 +2293,36 @@ } /** + * Checks, that flash uploader is allowed to perform upload + * + * @param kEvent $event + * @return bool + */ + function _checkFlashUploaderPermission(&$event) + { + // Flash uploader does NOT send correct cookies, so we need to make our own check + $cookie_name = 'adm_' . $this->Application->ConfigValue('SessionCookieName'); + $this->Application->HttpQuery->Cookie['cookies_on'] = 1; + $this->Application->HttpQuery->Cookie[$cookie_name] = $this->Application->GetVar('flashsid'); + + // this prevents session from auto-expiring when KeepSessionOnBrowserClose & FireFox is used + $this->Application->HttpQuery->Cookie[$cookie_name . '_live'] = $this->Application->GetVar('flashsid'); + + $admin_ses =& $this->Application->recallObject('Session.admin'); + /* @var $admin_ses Session */ + + $backup_user_id = $this->Application->RecallVar('user_id'); // 1. backup user + $this->Application->StoreVar('user_id', $admin_ses->RecallVar('user_id')); // 2. fake user_id + + $check_event = new kEvent($event->getPrefixSpecial() . ':OnProcessSelected'); // 3. event, that have "add|edit" rule + $allowed_to_upload = $this->CheckPermission($check_event); // 4. check permission + + $this->Application->StoreVar('user_id', $backup_user_id); // 5. restore user id + + return $allowed_to_upload; + } + + /** * Enter description here... * * @param kEvent $event Index: branches/RC/core/kernel/utility/formatters/upload_formatter.php =================================================================== diff -u -N -r11305 -r11361 --- branches/RC/core/kernel/utility/formatters/upload_formatter.php (.../upload_formatter.php) (revision 11305) +++ branches/RC/core/kernel/utility/formatters/upload_formatter.php (.../upload_formatter.php) (revision 11361) 
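Review bot: `_checkFlashUploaderPermission()` overwrites `user_id` in the caller's session with `StoreVar` while `CheckPermission` runs, and nothing guarantees that step 5 restores it if the check exits early. The value from `$admin_ses->RecallVar('user_id')` is also used without confirming that the request-supplied `flashsid` named a live admin session. If `StoreVar` persists to session storage (not visible here), an aborted request would leave the caller's session carrying the admin's user id. Read the id first and bail out before the swap, e.g. `$admin_user_id = $admin_ses->RecallVar('user_id');` then `if (!$admin_user_id) { return false; }`, assuming `RecallVar` returns an empty value for an unknown session, which should be confirmed. The docblock should also say that `flashsid` is a session credential carried as an ordinary request variable (so it belongs in the POST body, not the URL, to stay out of access logs) and that `OnProcessSelected` is only a stand-in for the "add|edit" rule.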
@@ -50,11 +50,8 @@ } if (!$value['tmp_ids']) { - $uploaded_files = getArrayValue($value, 'upload'); - if (!$uploaded_files && getArrayValue($options, 'required')) { - $object->SetError($field_name, 'required'); - } - return $uploaded_files; + // no pending files -> return already uploded files + return getArrayValue($value, 'upload'); } $swf_uploaded_ids = explode('|', $value['tmp_ids']); $swf_uploaded_names = explode('|', $value['tmp_names']); @@ -148,15 +145,7 @@ $object->SetError($field_name, 'cant_save_file', 'la_error_cant_save_file'); } } - else { - $required_error = is_array($value) || (!is_array($value) && !$value); // input type="file" OR just setting filename (during CSV import) - if ($required_error && getArrayValue($options, 'required')) { - $object->SetError($field_name, 'required'); - } - } - - // && !$object->FieldErrors[$field_name]['pseudo'] - already implemented in kDBItem::SetError method if ((count($value) > 1) && $value['error'] && ($value['error'] != UPLOAD_ERR_NO_FILE)) { $object->SetError($field_name, 'cant_save_file', 'la_error_cant_save_file', $value); }