How about permissions? Because PowerCMS is creating a folder I assume that 777 needs to be set on the entire "CMS folder? That of course opens up a huge security hole. So is there another way around it? Maybe I could create the "cms_files" folder for PowerCMS and only set write settings on that folder? (to avoid giving write settings to the entire CMS folder)
Please explain how we can allow uploads and browsing, but at the same time minimize security issues.