This script is dangerous to use, as-is!
There is no validation at all, regarding to what is uploaded. Furthermore, there is no check if (IS_FILE()), which means:
A) You can upload a php-script, perl-script or whatever
B) You can upload a php file, replacing the upload form
The dangerous thing here, is that one can upload a script which generates a compressed version of the www folder, deletes files, replacing files or whatever one wants.
So, if you want to use this:
SECURE IT FIRST!!