Your problem is one of permissions. You see standard permissions don't allow anonymous webusers to upload files, mainly because doing so would allow them to modify your website.
You have a few choices to fix this
- Enable windows auth and force them to login to a valid account(I am assuming IIS on Windows here)
- setup a quarantine area, give the anonymous web user rights to write to it, and upload the files to that directory.
- upload your files to a database