I've completed extremely similar tasks previously, for myself. I can develop a single script, non-MVC, traditional file upload over HTTP, will include functions to prevent XSS and SQLi vulnerabilities and it won't be vulnerable to remote command execution vulnerabilities. If I complete this project faster then expected I'll also include try to include the required SELinux policies, ZIP file support, utilize SMARTY templating engine and/or whatever else which would provide the most value. Also, please keep in mind that I'm not a designer, I just make things work and well.
Please keep in mind that this process could feasibly be automated. I feel this is outside the scope of the request but am not adverse to discussing this further.
Thank You.