|XP is just a number|
Apologies, I left out full details, but assumed from mentioning 'temp dir' that that was implied.
1) if you chmod the temp dir 777, that's not a major issue(if you have no control over server) - security, see below
2) that was why I mentioned temp - sorry, implied, but not stated
3) just run a clean up on if every now and then to remove files older than x minutes... (also removes any files that can be theoretically placed there by other users)
Funnily enough, I have to do this myself now, and I'm using a session cookie and piping the file from above the web root. But that seemed quickest at the time. So I'll be trying the QS version out...