Allowing users to upload files to a public folder does not pose a risk for your server. They cannot run these files on your server.

It does pose a risk for users that download any of these files. These files may contain a virus or malware. Opening any of these files is a high security risk for your users. Not sure you're doing them a favor offering such a feature.

Possibly, it all depends on server, PHP and Apache configuration.

See OWASP's Unrestricted File Upload vulnerability page for some of the risks:

• The impact of this vulnerability is high, supposed code can be executed in the server context or on the client. The likelihood of a detection for the attacker is high. The prevalence is common. As a result the severity of this type of vulnerability is High.
• The web server can be compromised by uploading and executing a web-shell which can run commands, browse system files, browse local resources, attack other servers, and exploit the local vulnerabilities, and so forth. This may also result in a defacement.
• An attacker might be able to put a phishing page into the website.
• An attacker might be able to put stored XSS into the website.
• This vulnerability can make the website vulnerable to some other types of attacks such as XSS.
• Picture uploads may trigger vulnerabilities in broken picture libraries on a client (libtiff, IE had problems in the past) if the picture is published 1:1.
• Script code or other code may be embedded in the uploaded file, which gets executed if the picture is published 1:1.
• Local vulnerabilities of real-time monitoring tools, such as an antivirus, can be exploited.
• A malicious file (Unix shell script, windows virus, reverse shell) can be uploaded on the server in order to execute code by an administrator or webmaster later -- on the server or on a client of the admin or webmaster.
• The web server might be used as a server in order to host of malware, illegal software, porn, and other objects.

See my other post for some general guidelines on making file uploads safe.