You'll create an login/user administration to handle with the users, studying HASH to handle with passwords effectively, using a DB to store those users (I advise you MySQL) and studying Session to know how to maintain those users logged in.
After that, when a admin or user sign up, create a folder with their name into directory/username (it's better to use strtolower to maintain the dirs in a some kind of pattern) without them see (backend only) and redirect the user to the upload form, which will contains an textarea to fill the description of the work done and an input file to store the excel file in. When the user clicks on submit, store the textarea description in the DB, along with the username toke by Session ($_SESSION['username'] can be) and the current data using NOW() into DB insert query. After that, if the insert was a success, move that file to a directory using some functions.
I advise you to create a table to view all information filled by the user, filtering only the user's interactions if the user status is normal and bringing all the infos stored in database if the user is admin using SELECT into your db and creating your frontend in html.
PS: Remember to put enctype="multipart/form-data" into your form, you will work with files inside a form, it's necessary.
multipart/form-data
The content "multipart/form-data" follows the rules of all multipart MIME data streams as outlined in [RFC2045]. The definition of "multipart/form-data" is available at the [IANA] registry.
A "multipart/form-data" message contains a series of parts, each representing a successful control. The parts are sent to the processing agent in the same order the corresponding controls appear in the document stream. Part boundaries should not occur in any of the data; how this is done lies outside the scope of this specification.