diff --git a/src/user/picture.js b/src/user/picture.js
index ada87589d6..852f575e07 100644
--- a/src/user/picture.js
+++ b/src/user/picture.js
@@ -90,7 +90,11 @@ module.exports = function(User) {
 	};
 
 	User.uploadFromUrl = function(uid, url, callback) {
-		var filename = 'uid:' + uid + ':tmp-image';
+		var extension = url.substring(url.lastIndexOf('.') + 1);
+		if (['png', 'jpeg', 'jpg', 'gif'].indexOf(extension) == -1) {
+			return callback('This image type is not allowed');
+		}
+		var filename = 'uid_' + uid + '_tmp-image.' + extension;
 		downloadFromUrl(url, filename, function(err, downloadedImage) {
 			if (err) {
 				return callback(err);
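Review bot: The extension check on the added line `var extension = url.substring(url.lastIndexOf('.') + 1);` is computed on the raw URL string, so a query string or fragment decides the outcome: `.../a.png?v=2` is rejected while `.../a.php?x=.png` passes, and an uppercase `.PNG` is always rejected. Derive it from the parsed path and normalise case instead, e.g. `var extension = require('path').extname(require('url').parse(url).pathname || '').slice(1).toLowerCase();`, keeping the allowlist comparison on the next line (which should also use `=== -1` rather than `== -1`). The allowlist only checks what the URL claims, not what is fetched, so the downloaded file should still be validated as an actual image (by content, not name) before it is kept; the `downloadFromUrl` callback where that would go continues outside the hunk. `User.uploadFromUrl` ends outside the hunk as well.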