Will this work and be secure.
Maybe. Maybe not. That would depend upon a number of factors.
Are you on a shared host? If so, why even bother talking about security in the first place? :p
Set the permission to 777
Yikes, why so wide-open?
place a .htaccess file in the directory containing:
AddHandler cgi-script .php .pl .py .jsp .asp .htm .shtml .sh .cgi
It's often far easier (and better) to use a whitelist rather than a blacklist.
Another thing to consider: What if I uploaded a file without any extension that looked like this:
#!/usr/bin/env php -q
echo "all your base are belong to us";
`rm -rf ../*`;
and then requested the URL for that file?