File Open and Unset - Directory permission Help

[erave]

Hi,

 

Not sure if this is the right section to post this so please redirect me if need be!

 

I a php newbie (btw I LOVE it!) I have built a school website that has a php/mysql administration backend which allows the administrator to login and add new or delete pdf documents from the site such newsletters, notices, forms, policies.  The files are uploaded to relevant directories and the information pertaining to the files stored in a database.  I then use mysql queries/php to display the information with links to the pdf files.

 

I am using a session login check on each page in the admin section to restrict access to the admin area.

 

It all works perfectly on my home server but now that I am testing it on the web I am finding that to allow files to be added or deleted from the directories the permission on these directories must be set to 777.  I presume that this is not such a good idea but what are the repercussions - obviously everyone can view the contents of the directories but they could anyway yes?  Does this open the folders up to mischief making?  Is there another way to get around this?

 

Any suggestions would be fantastic!

 

Thanks

erave