Yeah, re-reading my post, I could have explained it better.
Hope your using build 219? This probably will work with older builds
but its been so long I don't remember how.
Right click on the folder in HFS window and choose Properties.
In Permissions tab allow only specific users access and then upload permissions.
You could create a special group for this, then link users to that group, either way
will work.
Then in Properties go to File masks tab and enter \* in Files filter
Give your users the address
http://YourIP:YourPort/FolderName/~upload.
HFS will ask for log in, and then the upload page should appear. If they cancel
upload, they will get the "Folder" page with no files visable, no matter how many are
really in it. Go to Flags tab in Properties and check No Download. Now files are
invisable and secure.