I used jquery uploadify plugin but I don't know how can I validate my form request, because even SessionId is a new id, I want to ensure the request comes from my form not another sites.
Thanks.
Are you generating the form or is the form coming from another site?
If it's from your site take the time, generate a hash of it using a seed & append that to the time (as a string). Put the resultant base64 encoded string in your form.
Now when someone submits the form, parse the string, read the time & check it's within an acceptable range (say 30mins) & that the hash is valid (ie it's not been tampered with). Since only you know the seed, no-one else can spoof your form.
if the form is coming from another source, you could use this technique and share the seed between both sites or do a more complicated API key type approach.
This technique may not be perfect (I make no guarantee that it is), but a little googling will show you similar techniques.