Any file with 777 permissions will be readable, writable, and executable by ANY user on the system.
Any directory with 777 permissions will be readable, writable (files may be renamed/created/deleted) and browsable by ANY user on the system.
Yes, if your directory is 777, someone can delete or edit your files. If one of your PHP scripts is insecure, or one of THEIR PHP scripts is insecure, it is possible that data may be editable or deletable from the internet.
Check out this article for more information: http://www.zzee.com/solutions/linux-permissions.shtml