Uploading Images Security

[Petsmacker]

I've set up a very basic image upload page on my site but have read about the dangers of site security regarding allowing user-uploads.

Here is my script.
[code]<B>File upload</b><br><form enctype="multipart/form-data" action="<?PHP echo $PHP_SELF ?>" method="post"><input type="hidden" name="MAX_FILE_SIZE" value="1000000">Send this file: <input name="userfile" type="file"><input type="submit" name="submit" value="Send File"></form><?PHP

// copy to this directory
$dir="./images/temp/";

// copy the file to the server
if (isset($submit)){

if (!is_uploaded_file ($userfile)){echo "<b>$userfile_name</b> couldn't be copied!!";}
// check whether it has been uploaded
if (is_uploaded_file ($userfile)){
move_uploaded_file($userfile,$dir.$userfile_name) ;}
echo "<b>$userfile_name</b> copied succesfully !!";
}
?>[/code]

The /images/temp/ folder is 757 CHMOD. I have no idea if thats the right or wrong one to use not being particularly familiar with CHMOD.
Should I add anything to my script to make it more secure? I do intend to sort out the Max_file_size thing so its in PHP rather than HTML but is there anything else?
How can people screw about with unsecured uploads or their folders or whatever it is they do?

Hope you can help :)