Why don't you send the info to a unique database and review it, then export it either to a file or a permanent database?

It just seems like a good idea not to let users access your file system until you're really confident about your security skills.

(I'm so chicken I don't upload anything to my files except by ftp.)