I recommend study the code for the Shared Files feature (mojoPortal.Features.UI/SharedFiles), it shows how to implement file uploads using NeatUpload. Shared Files feature also keeps the files secure by storing them on disk with a .config extension so the file cannot be requested by an http request even if the user could guess the location because .config files are protected by ASP.NET. So, only if the user is in an allowed role then we Response.WriteFile and change it back to its original name when allowed users download it.
NeatUpload can provide a progress bar for uploads if hosted in Full Trust but it doesn't work under Medium Trust so it must be disabled from Web.config, but in that case it degrades gracefully to normal file upload.
I'm not aware of anything in mojoPortal that would prevent typical upload implementations from working but I still recommend use NeatUpload since we have good working example code for it.
Hope that helps,