PHP File Upload

Can someone help me make this script a bit more practical and secure? Right now you can type in random letters and it will upload as a file.


<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
        "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
	<meta http-equiv="content-type" content="text/html; charset=iso-8859-1" />
	<title>Upload a File</title>
</head>
<body>
<?php // Script 11.4 - upload_file.php
// This script displays and handles an HTML form. 
// This script takes a file upload and stores it on the server.

// Address error handing.
ini_set ('display_errors', 1);
error_reporting (E_ALL & ~E_NOTICE);

if (isset ($_POST['submit'])) { // Handle form.

	// Try to move the uploaded file.
	if (move_uploaded_file ($_FILES['thefile']['tmp_name'], "../uploads/{$_FILES['thefile']['name']}")) {
	
		print '<p>Your file has been uploaded.</p>';
		
	} else { // Problem!
	
		print '<p>Your file could not be uploaded because: <b>';
		
		// Print a message based upon the error.
		switch ($_FILES['thefile']['error']) {
			case 1:
				print 'The file exceeds the upload_max_filesize setting in php.ini';
				break;
			case 2:
				print 'The file exceeds the MAX_FILE_SIZE setting in the HTML form';
				break;
			case 3:
				print 'The file was only partially uploaded';
				break;
			case 4:
				print 'No file was uploaded';
				break;
		}
		print '</b>.</p>';
	}
	
} // End of SUBMIT IF.

// Leave PHP and display the form.
?>

<form action="upload_file.php" enctype="multipart/form-data" method="post">
<p>Upload a file using this form: <br /><br />
<input type="hidden" name="MAX_FILE_SIZE" value="30000" />
<input type="file" name="thefile" /><br /><br />
<input type="submit" name="submit" value="Upload This File" />
</p>
</form>
</body>
</html>