Wouldn't this solve your problems:
Users have to go to the root of your website and login there. They then have to browse their way to their own folder to upload / delete images.
Anyone who tries to view the folder contents without being logged in would see a 401 unauthorized page.
To achieve this, you need to right click the main folder that contains all the sub folders for your users (I believe you called it "Image Hosting") and select properties. Go to diff template and paste there the main section of the template you are using (the section called []).
Now modify the text you just pasted so it looks like this:
{.if|%user%|
<<Place the original template code here>>
|
<html><head></head><body>
<h1>Authorization Required</h1>
<p>This server could not verify that you
are authorized to access the document
requested.</p>
<hr>
<p>Please <a href="/">go back</a> and provide valid login credentials.</p>
</body></html>
.}
It basically checks if a user is logged in before showing the template. If a user is not logged in, it shows a custom 401 error page.
If a user or someone else from the internet requests an image download, it simply shows the image.
Note: be sure to disable file listing, as anyone would be able to request and view it.